Bitte um Hilfe D: Hartnäckige Chrome Erweiterung mit unbekanntem Ausmaß

BlackOnyx · 06.09.2017, 10:32

Hallo liebes Trojaner-Board!

Ich habe ein mehr oder weniger großes Problem, über dessen ganze Außmaße ich mir noch nicht sicher bin.
Irgendwie habe ich mir in Google Chrome eine hartnäckige Erweiterung eingefangen, die ich einfach nicht loswerde. Ich kann sie weder deaktivieren und noch weniger löschen. Wenn ich auf den Mülleimer drücken will, steht da, dass die Erweiterung (Tabs 2 Grid) durch Unternehmerrichtlinien installiert wurde, weshalb sie wohl auch nicht gelöscht werden kann.

Was ich (erfolglos) versucht habe:

- Google Chrome deinstallieren / neu installieren
- Google Chrome zurücksetzen
- Google Chrome mit Revo Uninstaller deinstallieren
- sämtliche Programme deinstallieren, die zum Zeitpunkt des Auftauchens der Erweiterung installiert wurden
- Windows im abgesicherten Modus starten und manuell versuchen, die Ursache zu finden
- Autostart irgendwie checken
- 360 Security (mein Antiviren-Programm) mehrfach durchlaufen lassen (keine Funde)
- Google Clean Up Tool installiert (ist irgendwo in der Versenkung verschwunden)

Tja, das ist, was ich derzeit alles ausprobiert habe. Ich habe diese Erweiterung seit vorgestern Abend etwa drauf, als ich im Netz nach Spielen gesucht habe.

Da ich nicht weiß, wie weitreichend das Problem ist, wäre mein nächster Schritt, wenn alle Fäden reißen, Windows noch einmal neu zu installieren.

Mein Betriebssystem: Windows 10
Mein Ausweichbrowser: Mozilla Firefox
Mein Antivieren-Programm: 360 Total Security

Wenn ihr weitere Informationen benötigt, bitte schreiben. Ich kenne mich mit PCs nur wenig aus, von daher verstehe ich auch den Fachjargon nicht so wirklich.
Ich bitte also um "kindgerechte" Erklärungen und Anleitungen.

Vielen Dank im Voraus!

M-K-D-B · 06.09.2017, 10:56

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

BlackOnyx · 06.09.2017, 10:57

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von hoppe (Administrator) auf BLACKHARMONICS (06-09-2017 11:47:26)
Gestartet von C:\Users\hoppe\Downloads
Geladene Profile: defaultuser0 & hoppe (Verfügbare Profile: defaultuser0 & hoppe)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHActiveDefense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHWatchdog.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHSafeTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [QHSafeTray] => D:\360\Total Security\safemon\360Tray.exe [345000 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\RunOnce: [360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803] => C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_remove360vpn.bat [603 2017-09-06] () <==== ACHTUNG
HKU\S-1-5-21-2502170952-984855085-4023997487-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2174b39f-ac77-42cd-90ec-3f3c64d2b6a5}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{984abe61-1578-488e-87cb-455ffc6824f6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.online/?w=RD4623
SearchScopes: HKLM -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = hxxp://www1.online/?w=RD4623&q={searchTerms}
SearchScopes: HKLM -> {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = hxxp://www1.online/?w=RD4623&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2502170952-984855085-4023997487-1001 -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = hxxp://www1.online/?w=RD4623&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2502170952-984855085-4023997487-1001 -> {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = hxxp://www1.online/?w=RD4623&q={searchTerms}
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-01] (Oracle Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.2.0.0_neutral__c1wakc4j0nefm [2017-07-17]

FireFox:
========
FF DefaultProfile: r8cprlvn.default
FF ProfilePath: C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default [2017-09-06]
FF Extension: (GMX MailCheck) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\toolbar@gmx.net [2017-09-05]
FF Extension: (Adblock Plus) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-14]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default [2017-09-06]
CHR Extension: (Google Präsentationen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-06]
CHR Extension: (Google Docs) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-06]
CHR Extension: (Google Drive) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-06]
CHR Extension: (YouTube) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-06]
CHR Extension: (Google Tabellen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-06]
CHR Extension: (Tabs 2 Grid) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh [2017-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-06]
CHR Extension: (Google Mail) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3815712 2016-04-07] (INCA Internet Co., Ltd.)
R2 QHActiveDefense; D:\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-17] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [183800 2017-04-21] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-09-15] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-08-11] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-08-11] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-04-21] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [432120 2017-06-09] (360.cn)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199160 2017-06-09] (360.cn)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-04] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-04] (Disc Soft Ltd)
S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 pwftap; C:\WINDOWS\System32\drivers\pwftap.sys [36736 2016-12-13] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

========================== MD5 Treiber =======================

C:\WINDOWS\System32\drivers\1394ohci.sys AAB860A5E606B9621E130D8C29D3F305
C:\WINDOWS\System32\Drivers\360AntiHacker64.sys 86C58DFAD3663061DB053AF86F30619E
C:\WINDOWS\System32\DRIVERS\360AvFlt.sys A97716E2D5238E451128908952FFD27E
C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys A97716E2D5238E451128908952FFD27E
C:\WINDOWS\System32\DRIVERS\360Box64.sys AD6E28C62138DF9A5DD514B5B4353CBE
C:\WINDOWS\System32\Drivers\360Camera64.sys 9C0515172F5DDC7313604E40822B21E1
C:\WINDOWS\System32\DRIVERS\360FsFlt.sys C76E1DB033557C6196B1321DFE0F1FEF
C:\WINDOWS\System32\drivers\3ware.sys 4140B14929C555E9513D59A2EEB5C471
C:\WINDOWS\System32\drivers\ACPI.sys AC251B31370C1E00F577928260B8939F
C:\WINDOWS\System32\drivers\AcpiDev.sys 3E5E5DAE5CAEC0209C93D3AD8128D8A0
C:\WINDOWS\System32\Drivers\acpiex.sys F72D7CC7E7A97A09757313F3B4C7E17A
C:\WINDOWS\System32\drivers\acpipagr.sys F04B6F53FBDB2B6B0451AE53DE19F0C9
C:\WINDOWS\System32\drivers\acpipmi.sys C347A6095F3BE417D24F1E1349F4AF0F
C:\WINDOWS\System32\drivers\acpitime.sys 686BFFC47454DD2F58795C2EE891CA9F
C:\WINDOWS\System32\drivers\AcpiVpc.sys E13DE7CD2B62254DD4FF658B7798A37D
C:\WINDOWS\System32\drivers\ADP80XX.SYS FBDA59118E59B3722248C66BAD89CAA9
C:\WINDOWS\system32\drivers\afd.sys AC1928C2F7505BD556C552F153B062AB
C:\WINDOWS\System32\DRIVERS\ahcache.sys 1D914C996F2C3134E2344BB74F79BCF6
C:\WINDOWS\System32\drivers\amdk8.sys 9C39FBA94FFEF04561D13ED0D1B50DD0
C:\WINDOWS\System32\drivers\amdppm.sys 395D56FA2E22A10AE4774440D086F559
C:\WINDOWS\System32\drivers\amdsata.sys EB729A9ADCB9F9C406B533F95E2F67D4
C:\WINDOWS\System32\drivers\amdsbs.sys 3B5C5C696F33FE61F1922533B03B9316
C:\WINDOWS\System32\drivers\amdxata.sys A7D45A303FF8A9493C96C4B804051E6E
C:\WINDOWS\System32\drivers\appid.sys 5180537517C27375B1F2CB37ED599FAF
C:\WINDOWS\System32\drivers\applockerfltr.sys EAF36A714E16A69B8B4ED7591CBA77B6
C:\WINDOWS\System32\drivers\arcsas.sys 6E456A94B9BD7F6B4758729BCEDE40C3
C:\WINDOWS\System32\drivers\asyncmac.sys 766F3A7E42AFCF74265FAC78987D1665
C:\WINDOWS\System32\drivers\atapi.sys 01733BEEE02E51F712330D5909BD701C
C:\WINDOWS\System32\drivers\bxvbda.sys 0914A5E66C0775CE11960452A6434FEC
C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys 05E43AC1A9E9E618367923549B459B06
C:\WINDOWS\System32\drivers\BasicDisplay.sys F8129321B1874D4386F7FEB754BC3380
C:\WINDOWS\System32\drivers\BasicRender.sys E2BFD01BD0ECF2BDE9420022147952A4
C:\WINDOWS\System32\drivers\bcmfn2.sys 739D089777D2B66DBE7201E5EA4BA2D7
C:\Windows\System32\Drivers\Beep.sys ED03D2ACE378C9EB8BB957ABBD85B951
C:\WINDOWS\System32\DRIVERS\bowser.sys 2342B8619193B0D9FAC0D02C69DCE74A
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys AF57F0B0E284BE06860A7B701341324D
C:\WINDOWS\System32\drivers\bthhfenum.sys E1E55BA45510B2B0309E2C77ABEB1BFE
C:\WINDOWS\System32\drivers\BthHFHid.sys 336A9C0254A0178ED50281B6EDF5B836
C:\WINDOWS\System32\drivers\bthmodem.sys 5428242193611BF91DDBF4F58900A55A
C:\WINDOWS\System32\drivers\BTHport.sys 27B7348B88DE2F93C4FB4D53EC469AB0
C:\WINDOWS\System32\drivers\BTHUSB.sys FA5CE6301192DD6ED4AA747B2C88FD42
C:\WINDOWS\System32\drivers\buttonconverter.sys 102CAA11BA89290D48FBFD2E04274BA0
C:\WINDOWS\System32\drivers\CAD.sys 029434AC0A3935F9125ABBD08BF7C30B
C:\WINDOWS\System32\drivers\capimg.sys 307AE8BC9B45772DA02FB952A1D86C35
C:\WINDOWS\System32\DRIVERS\cdfs.sys B6E5AD7C83A5254DEE9D86023C0E5A81
C:\WINDOWS\System32\drivers\cdrom.sys ABE77AD954BC3D72F559CF0C381E50BC
C:\WINDOWS\System32\drivers\cht4sx64.sys 05EA22CFC40EDE05BF6E3BC782E5204C
C:\WINDOWS\System32\drivers\cht4vx64.sys 863E1C9F6750446DFB9EDCAEC3531367
C:\WINDOWS\System32\drivers\circlass.sys 3E416539352B007AD0610BF34AC15D31
C:\WINDOWS\System32\drivers\cldflt.sys 616E1ED94FA7F96D429D985FDB203D2E
C:\WINDOWS\System32\drivers\CLFS.sys AF0BF03C8574DD026FAF9A82A64C2D04
C:\WINDOWS\System32\drivers\registry.sys 5118CFC33BBB51C7E3ED441B7085AD26
C:\WINDOWS\System32\drivers\CmBatt.sys 232F3A3AC3A2FB32C5C46503A6517073
C:\WINDOWS\System32\Drivers\cng.sys 3413CE81E02C091F33C4C3DD3071630F
C:\WINDOWS\System32\DRIVERS\cnghwassist.sys E1BFF774FF67CA951A5DFF0E104FB132
C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys DFDAEDB857BC18764F0D8ECDCC3C1499
C:\WINDOWS\System32\drivers\condrv.sys 04532711732BE9DBC364E88E4A9EC18A
C:\WINDOWS\System32\drivers\dam.sys F51953EC4B9AACD92A3B3CE66E05CEF4
C:\WINDOWS\System32\Drivers\dfsc.sys 185A4519B7764F4DEF714D890A7A9FD2
C:\WINDOWS\System32\drivers\disk.sys 1203EA16F36C5BEB2509FB7CC03DC178
C:\WINDOWS\System32\drivers\dmvsc.sys 038B8B76284BC291EC75B005BB3EB13F
C:\WINDOWS\System32\drivers\drmkaud.sys 3D934A1C02EB6979CF45C70A71F580EC
C:\WINDOWS\System32\drivers\dtlitescsibus.sys 679FF716052109392D870F6A6C4A3535
C:\WINDOWS\System32\drivers\dtliteusbbus.sys E23FDD696839A4790682CA66C48D3F2F
C:\WINDOWS\System32\drivers\dxgkrnl.sys F1D8A5A6C39586717822C2AAB70663F4
C:\WINDOWS\System32\drivers\evbda.sys D64CD3AE93125EDA383190C2AF607E70
C:\WINDOWS\System32\drivers\EhStorClass.sys FFBB37982E6D24AEC7A2E5459098EAC9
C:\WINDOWS\System32\drivers\EhStorTcgDrv.sys ABF38D02E01D6ED87AE1DF65FC5DF62D
C:\WINDOWS\System32\drivers\errdev.sys B9A59B4AD516E38C39FA416398B96CCB
C:\Windows\System32\Drivers\exfat.sys 9C4D88E8614487AD85A6F18A71A7298F
C:\Windows\System32\Drivers\fastfat.sys C61014A176ECAAF97589E6FC979CE786
C:\WINDOWS\System32\drivers\fdc.sys 853081957BA148F38FD8DE4390CFCF4A
C:\WINDOWS\System32\drivers\filecrypt.sys 27E764D6460504B7271AFECE7A59FB76
C:\WINDOWS\System32\drivers\fileinfo.sys 3D6087F51110F3CC0DA89385354F8C5E
C:\WINDOWS\System32\drivers\filetrace.sys 057E95E53C38260C4EF49B3A077770CD
C:\WINDOWS\System32\drivers\flpydisk.sys 90B2983D8495C26345A1DC5F0C3BB07B
C:\WINDOWS\System32\drivers\fltmgr.sys A84261F75F490E45CFEDBA77EFE4F67E
C:\WINDOWS\System32\drivers\FsDepends.sys D2814848206DFC18EB8D3D069FAE703E
C:\Windows\System32\Drivers\Fs_Rec.sys AE7EDF845F41ACA3B74567C3CE20E987
C:\WINDOWS\System32\DRIVERS\fvevol.sys 560AE7760EC108F92D2EA8638CC805CF
C:\WINDOWS\System32\drivers\vmgencounter.sys 4616F61E24B3AEA6E0E4EA7D69531EF4
C:\WINDOWS\System32\drivers\genericusbfn.sys 23174BB6937459B924BB8EF667FB28EF
C:\WINDOWS\System32\Drivers\msgpioclx.sys 4B11CFBE1D9B73A9D865F6AB26F800BA
C:\WINDOWS\System32\drivers\gpuenergydrv.sys 3FC3FCF557D0BE3D724EA10642E1F6FF
C:\WINDOWS\System32\drivers\HdAudio.sys BF14976E8223D334B21792FB8B74D7FF
C:\WINDOWS\System32\drivers\HDAudBus.sys 02B9639D9997E95CDF2F4C4F3BDCC73D
C:\WINDOWS\System32\drivers\HidBatt.sys 9F90819E301C70A3A042FC05D3E41B5F
C:\WINDOWS\System32\drivers\hidbth.sys 3CA3244C45B25F3B3ED9445C195E40EB
C:\WINDOWS\System32\drivers\hidi2c.sys 55DAF856F9633DD2519BA4E942870F02
C:\WINDOWS\System32\drivers\hidinterrupt.sys E34216A190D9BF8EAA666F6903BCD0EF
C:\WINDOWS\System32\drivers\hidir.sys 852DBB5185996AD8C73872A43A453729
C:\WINDOWS\System32\drivers\hidusb.sys C1A608120DE0DF52E51B8BAF86AF19F9
C:\WINDOWS\System32\drivers\HpSAMD.sys 8ADD9CA3E0F18CEA11EA6FAED794A228
C:\WINDOWS\System32\drivers\HTTP.sys BB1AE72906564A6E81B79D73A05AE21F
C:\WINDOWS\System32\drivers\hvservice.sys F60F8390B635156593F7493AE898AFB0
C:\WINDOWS\System32\drivers\hwpolicy.sys 563F5FC3B46A70A91AB6C8822AC8BF25
C:\WINDOWS\System32\drivers\hyperkbd.sys C082249BC3E972C8A132D9EC6AD9EAD5
C:\WINDOWS\System32\drivers\i8042prt.sys C6C8315E3262FAE460529C6DA2951682
C:\WINDOWS\System32\drivers\iagpio.sys C6B8743B213F06AA60943D8366FE968F
C:\WINDOWS\System32\drivers\iai2c.sys 9A2A2F3C69B9A30B6E78536F6D258BAD
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 42962355A7911407026E920E7252E3E5
C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys BD47B2FEABFA48C6224D43EE9EA9BC06
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 2184CB3A65888F446FCD6DBA9F073F4C
C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 4126F8DA08CE7924A3AE6F7235F85D5F
C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 16A10CCEDCF5AC4CAAE43DC9FC40392F
C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys EB82A11613326691508D9ED9A4FE29E7
C:\WINDOWS\System32\drivers\iaStorAV.sys D820075D3395BED28FC57AEF8FBA666F
C:\WINDOWS\System32\drivers\iaStorV.sys A243E0CE8644378C9A9D015ABC3EDA27
C:\WINDOWS\System32\drivers\ibbus.sys E16E4FC9F250E48CB2CAD93E59D010E2
C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys 62F0CB0A54EAF37E15EC385300957BB8
C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 9CE4D3A79D3180AC5A141E2F7E7137F4
C:\WINDOWS\System32\drivers\IndirectKmd.sys 0E33BC018502E7FDE77C343055D9C626
C:\WINDOWS\system32\drivers\intelaud.sys 41CD73C13FCAEA4942F0CF7608B7530F
C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 87871AB7AC797F922A6F3D4C874CED96
C:\WINDOWS\System32\drivers\intelide.sys 4B7F8A1AAC7172DB6918A0E10E1D78A3
C:\WINDOWS\System32\drivers\intelpep.sys 0A3DBE89C965FFB7C0D0E38834E77B90
C:\WINDOWS\System32\drivers\intelppm.sys 64EC687A811DC4F69DF3816F073352AA
C:\WINDOWS\System32\drivers\iorate.sys 549C278119FF539C3B219C55B98B0E87
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys A0F9F2E87F0C751FE164D90EB44A9B63
C:\WINDOWS\System32\drivers\IPMIDrv.sys 656DDB34996A96539BA6E2843B5F2A77
C:\WINDOWS\System32\drivers\ipnat.sys DCC05E5EAA580C97F13B434FAFACED85
C:\WINDOWS\system32\drivers\irda.sys 9035C10C7EB8CF7C87CEA82A62EBB43A
C:\WINDOWS\System32\drivers\irenum.sys E7FD479E3298F3C8852A0D2F092BDB35
C:\WINDOWS\System32\drivers\isapnp.sys 7FE3B3A30FA20F27AF7022A01C2266BA
C:\WINDOWS\System32\drivers\msiscsi.sys 618707F3F742BF67AB578808171F60EB
C:\WINDOWS\System32\drivers\iwdbus.sys 48B904D31F2369D7B0122617038D3F5B
C:\WINDOWS\System32\drivers\kbdclass.sys D36B404BF979297C6572AEF98B2594F2
C:\WINDOWS\System32\drivers\kbdhid.sys 7E2036A846789D6D6A2EE21915017EE1
C:\WINDOWS\System32\drivers\kdnic.sys 4C054B8E901F41F5743DADE8A29FF256
C:\WINDOWS\System32\Drivers\ksecdd.sys BA7A5838866618A4E82FBC05B8923605
C:\WINDOWS\System32\Drivers\ksecpkg.sys 6629CAA1F157088B9EDD1EAD24C6D753
C:\WINDOWS\system32\drivers\ksthunk.sys 9778205F28DC4F2EFFCC146647FE5CF0
C:\WINDOWS\System32\drivers\lltdio.sys FC37745959DFA4871759E4DCC836227A
C:\WINDOWS\System32\drivers\lsi_sas.sys 16C9D4D822CCA795A72DC88B25A577CC
C:\WINDOWS\System32\drivers\lsi_sas2i.sys 920F0CFCED5F28A31B79F1C470649D11
C:\WINDOWS\System32\drivers\lsi_sas3i.sys 0FE63316F1C70A0F759A449FAC64C24B
C:\WINDOWS\System32\drivers\lsi_sss.sys 80E82C46B27A923A3744531069B63857
C:\WINDOWS\system32\drivers\luafv.sys 88F5570C04766EE561FF129B2F93030C
C:\WINDOWS\System32\drivers\mausbhost.sys C3EED732789052C98A2613A7E1C37CDA
C:\WINDOWS\System32\drivers\mausbip.sys 4DCE65116A28488593FF5A6A18B03DB0
C:\WINDOWS\System32\drivers\megasas.sys 0609BF877A2F4DEECC62EEE220AB6242
C:\WINDOWS\System32\drivers\MegaSas2i.sys EEC64C8D498D121607C7615FDFBEE4D0
C:\WINDOWS\System32\drivers\megasr.sys 2B7D3B206833D769218A1F4BE2D73B97
C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 034338E2F6F123727F7C351152B084AF
C:\WINDOWS\System32\drivers\mlx4_bus.sys 89257B8D3826B5629CF7F73F97DA44F9
C:\WINDOWS\system32\drivers\mmcss.sys 9AE3C0CC0865B1618A3C97744A6A9E9B
C:\WINDOWS\System32\drivers\modem.sys 0CD29540C32C2E2E0E3D7E9832752AF3
C:\WINDOWS\System32\drivers\monitor.sys 534477FCAFDFCA6B841BFA06BD26BCC5
C:\WINDOWS\System32\drivers\MijXfilt.sys C030F9E822A057C1A7A9BB4EA3E8877E
C:\WINDOWS\System32\drivers\mouclass.sys F5D4E18A70BA069D479154442CDEB60D
C:\WINDOWS\System32\drivers\mouhid.sys 5C09868963B0C076AC3BC7759A46B7B1
C:\WINDOWS\System32\drivers\mountmgr.sys 8BF7039787036529B98E50AE86A0E46B
C:\WINDOWS\System32\drivers\mpsdrv.sys AD118EC95E9EF4D5223D681D8F183567
C:\WINDOWS\system32\drivers\mrxdav.sys D14C297933C82B8CB0B5CBBA4DDC830B
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys F2AD1B72C5A6475FB5FF332E1980DF88
C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys 84700F40C0E41AEA91F8F3D6218A8A68
C:\WINDOWS\System32\DRIVERS\mrxsmb20.sys B855479BA6A74349CEF8061808C90201
C:\WINDOWS\System32\drivers\bridge.sys 44A8A52763381E5DCAE122330191493C
C:\Windows\System32\Drivers\Msfs.sys 92C00BD9616F353CA59A755C33269757
C:\WINDOWS\System32\drivers\msgpiowin32.sys F27EC8F7A0A779276E5DA2E70C2B01EE
C:\WINDOWS\System32\drivers\mshidkmdf.sys CBA955A54C9446CAAD28C76789D3B071
C:\WINDOWS\System32\drivers\mshidumdf.sys E8E568EF60677E4534F387C53EE1B35F
C:\WINDOWS\System32\drivers\msisadrv.sys 16376B7B0730C04DD1A2C0CC8E09E420
C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys C2939119A17E52D74191EFC1E4CDEE09
C:\WINDOWS\System32\drivers\mslldp.sys E40B960078A15D4901265D32E071C42D
C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys B4860AB91DC4E73936F0FF504D6B4B07
C:\WINDOWS\system32\DRIVERS\MSPQM.sys 8EDC45C3F7F64A51C98B59E24648F74B
C:\Windows\System32\Drivers\MsRPC.sys 7DA5FAC2A49D30CA5B7B96B8B26281AC
C:\WINDOWS\System32\drivers\mssmbios.sys 7E3365C8BC83DCE88D6226BB5C7170C4
C:\WINDOWS\system32\DRIVERS\MSTEE.sys 09D51564E49181E9928910D6B91C920E
C:\WINDOWS\System32\drivers\MTConfig.sys 793AE56A3946EAD5F906C28D294FEFE6
C:\WINDOWS\System32\Drivers\mup.sys E35F51C7474A26680627477462715206
C:\WINDOWS\System32\drivers\mvumis.sys 74BD1149BF50F1E24934042A3BD17C90
C:\WINDOWS\System32\DRIVERS\nwifi.sys 39C772E20B8C61858F969E4D60699D89
C:\WINDOWS\System32\drivers\ndfltr.sys 0FFE8AF1B94C5FD54E6ACC6DAE990D31
C:\WINDOWS\System32\drivers\ndis.sys 59F3D5FEF4A24871C07C279762DA8624
C:\WINDOWS\System32\drivers\ndiscap.sys 4EA73CFDEE4A628D387D95464A131F29
C:\WINDOWS\System32\drivers\NdisImPlatform.sys EB127689AF6F24091AB73538A556257F
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 73B4C72FB6170A08C64BDA92DE93ECF7
C:\WINDOWS\System32\drivers\ndisuio.sys 6704F27EB15A5B30AA7FA5A4F4D1FD47
C:\WINDOWS\System32\drivers\NdisVirtualBus.sys FE87CCAA89433FC306A80F15E848F4B2
C:\WINDOWS\System32\drivers\ndiswan.sys 94517BC9F29A1B73D377F1BF1C3DCA34
C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94517BC9F29A1B73D377F1BF1C3DCA34
C:\WINDOWS\System32\DRIVERS\NDProxy.sys AC6AC99075732F5C29DB0004DD5B1AC6
C:\WINDOWS\System32\drivers\Ndu.sys 9AC090451D92E6081EB89CDA83D74189
C:\WINDOWS\System32\drivers\NetAdapterCx.sys A115DDB2C7805C41EEC9A5276FF5764E
C:\WINDOWS\System32\drivers\netbios.sys F420B6CAB5151A38E4DBBFFB500C11DA
C:\WINDOWS\System32\DRIVERS\netbt.sys 30C2F67EC84EB11B22011620107E0325
C:\WINDOWS\System32\drivers\netvsc.sys 8C03F2F5A9E93AEB08B3AEE51552394A
C:\WINDOWS\System32\drivers\NETwew01.sys 99C24A7DC1F3D4845553B4BD189274A0
C:\Windows\System32\Drivers\Npfs.sys 6D8F6A9C53CFB0C49E8251A442B7283F
C:\WINDOWS\System32\drivers\npsvctrig.sys BABF7E1757D6908941C9F9CBD66A5EF0
C:\WINDOWS\System32\drivers\nsiproxy.sys 7A6BA778B48DF9FB7AC231D4FF6E3248
C:\Windows\System32\Drivers\NTFS.sys 075F8C81457804BB79DD33FE69A96C57
C:\Windows\System32\Drivers\Null.sys 4FFB2D5655D10700D5B8E205C4DB86BD
C:\WINDOWS\System32\drivers\nvdimmn.sys 99EB6376EC2C03CE5F668577651E3454
C:\WINDOWS\System32\drivers\nvraid.sys 3DB2E9E207358BFBD09B77B5119ECA5B
C:\WINDOWS\System32\drivers\nvstor.sys 4C04BFBD4DB2EECCC47F5FA39D65BB6E
C:\WINDOWS\System32\drivers\parport.sys 2CC6C325B271C7CA60F374F8F868CB45
C:\WINDOWS\System32\drivers\partmgr.sys 664B7DDEE982ADF5EAB480C75B9F6218
C:\WINDOWS\System32\drivers\pci.sys C5B74C6D87E77BC64DEBD1BF57DEB375
C:\WINDOWS\System32\drivers\pciide.sys CFB85CB7A6F6926EA0EB96EDFB3C8A91
C:\WINDOWS\System32\drivers\pcmcia.sys 13B7D84B397A90E82682C47A15C3A98D
C:\WINDOWS\System32\drivers\pcw.sys 76EA512FD9D4673CF7A57775EE8922E2
C:\WINDOWS\System32\drivers\pdc.sys 10E48E45A03A7F4C2B7C11738BE87816
C:\WINDOWS\System32\drivers\peauth.sys 4F190BA3C9BD2F0277BCBF480F396091
C:\WINDOWS\System32\drivers\percsas2i.sys FE52FF97A094609429FEF098EDC6FB08
C:\WINDOWS\System32\drivers\percsas3i.sys FCA143274792F12383C35902E801E83A
C:\WINDOWS\System32\drivers\pmem.sys 414CA4DCC31D795882B25ADC1DACE779
C:\WINDOWS\System32\drivers\raspptp.sys D292D7FADCEE481CC64A9DE8FE9C3347
C:\WINDOWS\System32\drivers\processr.sys D57CF871B3977731A91FE9611A54C7C1
C:\WINDOWS\System32\drivers\pacer.sys B60431D2A046AD97F8427F6E568370F5
C:\WINDOWS\System32\drivers\pwftap.sys 2C1686795B9307265F649249AD11D629
C:\WINDOWS\system32\drivers\qwavedrv.sys A2B0F46FBA2521E7E732BDBDB1238515
C:\WINDOWS\System32\DRIVERS\rasacd.sys EA9EB06EFC325CD2ACF5DF2F26A4894E
C:\WINDOWS\System32\drivers\AgileVpn.sys 4E9379389D0A851DD19D130C8FAEFBD0
C:\WINDOWS\System32\drivers\rasl2tp.sys 5279EC98F6218D29EADDFECCC0D80E9A
C:\WINDOWS\System32\DRIVERS\raspppoe.sys D7FF75ED7A48FD60A573C9E959CF4DB5
C:\WINDOWS\System32\drivers\rassstp.sys 6A4E45A7F17FA0B4B1B48C550E311944
C:\WINDOWS\System32\DRIVERS\rdbss.sys F2C575A9657F7B2E027C6CE7BC8F1A2D
C:\WINDOWS\System32\drivers\rdpbus.sys 9414B22E093243636D362BF8C8C12A67
C:\WINDOWS\System32\drivers\rdpdr.sys 53A01D3FDB701AC5D9DDE4140227E3D9
C:\WINDOWS\System32\drivers\rdpvideominiport.sys DF32ED51DC0C3F6F3B1C4CEF71B8B426
C:\WINDOWS\System32\drivers\rdyboost.sys 2369A5B651308E0C3458143976E9B03B
C:\Windows\System32\Drivers\ReFS.sys 3581FB9529035F8EC6DB681664CA70B1
C:\Windows\System32\Drivers\ReFSv1.sys 79E1ADE19D8B7C56EF29D098EAF57AD0
C:\WINDOWS\System32\drivers\rspndr.sys E87EECED9287C275B6CF30EB598B1D77
C:\WINDOWS\System32\drivers\rt640x64.sys AB7C0639DF052528C2CB06D0EAE115EC
C:\WINDOWS\system32\Drivers\RtsUer.sys 4DBBD2B451A2C45536F14FA972DD3E83
C:\WINDOWS\System32\drivers\vms3cap.sys 6308366D3CDEA5F427CFF4BCF0081B4E
C:\WINDOWS\System32\drivers\sbp2port.sys 33B2DC5C2F19DA89F862484E23D9833D
C:\WINDOWS\System32\DRIVERS\scfilter.sys 5CFEEFCC6FAD1FD09ACCFBD652DDD85B
C:\WINDOWS\System32\drivers\scmbus.sys 5C8620FAC0E3C1658C8EF7AD7BB7EA5F
C:\WINDOWS\System32\drivers\sdbus.sys 71A494A502F24465317E88E80F6C0C2C
C:\WINDOWS\System32\drivers\SDFRd.sys 464B615872981015AC4FEEBDEA83A063
C:\WINDOWS\System32\drivers\sdstor.sys 6BC219F1D9CDE08CEB9084ADB41FBA01
C:\WINDOWS\System32\drivers\SerCx.sys 585329F62195A4B7AAD0A95F6EC89751
C:\WINDOWS\System32\drivers\SerCx2.sys C8F4FDA8B3D039D7947344614FF5BFB2
C:\WINDOWS\System32\drivers\serenum.sys E5B450E4E0DC1591254BF9CCF6C57B40
C:\WINDOWS\System32\drivers\serial.sys 628D8DD136F92316BFEB58FA005338B7
C:\WINDOWS\System32\drivers\sermouse.sys E5BA0B7353ADC5C95AB466D2E4DC89B1
C:\WINDOWS\System32\drivers\sfloppy.sys 15CFCC4692DA8887B977CE5FC5181084
C:\WINDOWS\System32\drivers\SiSRaid2.sys 2339F6B45E1D863B1D327F3AFD75A675
C:\WINDOWS\System32\drivers\sisraid4.sys F520D50AD7266ED31D25DF4C8EA6BC2D
C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 8A6571231D93C08434A56E19E33A35CB
C:\WINDOWS\System32\drivers\spaceport.sys 2334ED0B61CAE7E7B1B454674206CDAC
C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys F3F0B8CAC1F3E6C3382EAFCE762475AD
C:\WINDOWS\System32\drivers\SpbCx.sys 83E82B0E292DCDE4C75B9241BF0FB300
C:\WINDOWS\System32\DRIVERS\srv.sys 36EAC4FE629FC036632F13EC14788FD1
C:\WINDOWS\System32\DRIVERS\srv2.sys A84B05C7C2A233497BE1D518A662C326
C:\WINDOWS\System32\DRIVERS\srvnet.sys 0351B28EEDFBD6C8CC69A7224A098CFA
C:\WINDOWS\System32\drivers\stexstor.sys D40C589F80EB1C511263D0547C0259AE
C:\WINDOWS\System32\drivers\storahci.sys 576A818562069B1E091CC719C143AED2
C:\WINDOWS\System32\drivers\vmstorfl.sys E5F703788DFA05411F1469E96838F438
C:\WINDOWS\System32\drivers\stornvme.sys 0D0128244FF55EAD3F878D3FE542DBA5
C:\WINDOWS\System32\drivers\storqosflt.sys 3A62FF78619258E6126C5C4B4CC82C8E
C:\WINDOWS\System32\drivers\storufs.sys C6097966F8EA3B288070CDF7C3C8C3E8
C:\WINDOWS\System32\drivers\storvsc.sys 3DC3B17E92DA02E36B4138733DF6C1AC
C:\WINDOWS\System32\drivers\swenum.sys 2BC4D0EBC2467FE90302AE0AFAF23768
C:\WINDOWS\System32\drivers\Synth3dVsc.sys 572F81CF08972D53BAFFC2A110A2A586
C:\WINDOWS\system32\DRIVERS\SynTP.sys 7DC2B34FB6F1798F2D13453E0321D025
C:\WINDOWS\System32\drivers\tcpip.sys 02481DA7952E87F0EF007B54E0216DA8
C:\WINDOWS\System32\drivers\tcpip.sys 02481DA7952E87F0EF007B54E0216DA8
C:\WINDOWS\System32\drivers\tcpipreg.sys 1C35A5C62D110346379C55E39A3D547C
C:\WINDOWS\system32\DRIVERS\tdx.sys D74756DD1518D28A09CDA99696273FA4
C:\WINDOWS\System32\drivers\terminpt.sys 96A35CDBA661D41C5A3914257CA1D200
C:\WINDOWS\System32\drivers\tpm.sys F76A92975340DAA99939DA297D677EA8
C:\WINDOWS\System32\drivers\tsusbflt.sys 9856BCCD1CD5DE4D17E8DBBA7CEFC688
C:\WINDOWS\System32\drivers\TsUsbGD.sys 837AD2B941E721BCCEB7EF137E2DEE18
C:\WINDOWS\System32\drivers\tunnel.sys B3142C6118703E98EB0510CF7B43D0F2
C:\WINDOWS\System32\drivers\uaspstor.sys B4C846ABD462558D45CA578C855759C3
C:\WINDOWS\System32\Drivers\UcmCx.sys 5C2C0296D9EE7DC92A3F14642FBE656D
C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys 8BB64E04CD97AD8C68543181D93E2AFC
C:\WINDOWS\System32\drivers\UcmUcsi.sys F083A400FB9CB8ADD1783848CB1C76F0
C:\WINDOWS\System32\drivers\ucx01000.sys 5D4EAF3D0911338CB8FDB088386D6DCA
C:\WINDOWS\System32\drivers\udecx.sys 384E1F0D84B465820416338E52FE7C2B
C:\WINDOWS\System32\DRIVERS\udfs.sys C82BE75239D412057C9E3DB1785680C6
C:\WINDOWS\System32\drivers\UEFI.sys CCDF6EFF952BF3BF34DC17600F479397
C:\WINDOWS\System32\drivers\ufx01000.sys 00BEF71C45FD6B06E7525E7B31EFA88C
C:\WINDOWS\System32\drivers\UfxChipidea.sys 9450AB15C30CF7D1F23C8A42E778C3A2
C:\WINDOWS\System32\drivers\ufxsynopsys.sys CEE12C7A689BDF448715024A7E0EB9C3
C:\WINDOWS\System32\drivers\umbus.sys F39ED750EDF5948FA8CD99D1F4EC9372
C:\WINDOWS\System32\drivers\umpass.sys 55984D4E64C2F8E4223542CBCC15EDEB
C:\WINDOWS\System32\drivers\urschipidea.sys 4D23214CB8B1C36B82061280EB8FDAB3
C:\WINDOWS\System32\drivers\urscx01000.sys 4329D880DB96B504F0DDC991A7374CCD
C:\WINDOWS\System32\drivers\urssynopsys.sys 93FAD0AC5879F274FA248A49E3F3EA33
C:\WINDOWS\system32\drivers\usbaudio.sys FC318082D0793B76C766A8DFD4C247C5
C:\WINDOWS\System32\drivers\usbccgp.sys 6B09AA6A04C8261E787B6523229E7159
C:\WINDOWS\System32\drivers\usbcir.sys ECE3AD18B4C22ED0C4AB1A2AD9AC32C8
C:\WINDOWS\System32\drivers\usbehci.sys F8BCB536866474C6D8008F4C69B778A1
C:\WINDOWS\System32\drivers\usbhub.sys 1F723DA014062DBF3288B408A7611845
C:\WINDOWS\System32\drivers\UsbHub3.sys 0939AD44244AA9D348187015083E17DF
C:\WINDOWS\System32\drivers\usbohci.sys BE6ED98FD0D3FE5FB11762AD7CCD6C96
C:\WINDOWS\System32\drivers\usbprint.sys CEE43CD5357DB8786CE6E2C430841AE4
C:\WINDOWS\System32\drivers\usbser.sys 99F0738B320B7A8D11351A32F68AA5F1
C:\WINDOWS\System32\drivers\USBSTOR.SYS 67E26F56CF7EACCBD9C9F75343A3D7C2
C:\WINDOWS\System32\drivers\usbuhci.sys 7BA802C9F73A84B75BB22538ADA495BE
C:\WINDOWS\System32\drivers\USBXHCI.SYS 50E70B3A95138AA4A30B095270EE0DE6
C:\WINDOWS\System32\drivers\vdrvroot.sys C1EC9211C7759D2487FD30934AA3EE96
C:\WINDOWS\System32\drivers\VerifierExt.sys C83F3BC00651448DB127D497CF955089
C:\WINDOWS\System32\drivers\vhdmp.sys 0E12F5F6B1C813D17AFDA197C4394423
C:\WINDOWS\System32\drivers\vhf.sys 1AD096A5C00E522398D0092D875A8CB6
C:\WINDOWS\System32\Drivers\vm331avs.sys FF9E47752DE943B35D00E5BC96BDC714
C:\WINDOWS\System32\drivers\vmbus.sys EE9A22CFD9AEDD7B52F98B0272494609
C:\WINDOWS\System32\drivers\VMBusHID.sys BFBD0895926FD98A03AD6BB845B569B7
C:\WINDOWS\System32\drivers\vmgid.sys C123C97D351C56C75FE5335AB18255EE
C:\WINDOWS\System32\drivers\volmgr.sys 0AB9C264F13E2A070A8CF10EDD099ED2
C:\WINDOWS\System32\drivers\volmgrx.sys 6EE608257C1137A25B402EF8FC77E83A
C:\WINDOWS\System32\drivers\volsnap.sys E3429DBBEA3965BB96E24B16EF4A2551
C:\WINDOWS\System32\drivers\volume.sys 86E790B503C771E674C7DF8FFCBFEFDB
C:\WINDOWS\System32\drivers\vpci.sys B25589A0892E6DF8CC07E5CB48BFC954
C:\WINDOWS\System32\drivers\vsmraid.sys AA4466A47D2CA7ECE3DCF5256017DCC3
C:\WINDOWS\System32\drivers\vstxraid.sys 98BB6C9AD39D8F2E883093F28282FAEC
C:\WINDOWS\System32\drivers\vwifibus.sys B47026E109828102266CBE2F5F9AD113
C:\WINDOWS\System32\drivers\vwififlt.sys 799ECD541A9B2764B36A22A095885365
C:\WINDOWS\System32\drivers\vwifimp.sys 82CA088A33517D1C8571D6850CC13D7E
C:\WINDOWS\System32\drivers\wacompen.sys F0F477541F7AF67CC05DA1CF4921A500
C:\WINDOWS\System32\DRIVERS\wanarp.sys FDD16EF9177A8A2EF08A7FA3D3EFAA13
C:\WINDOWS\System32\DRIVERS\wanarp.sys FDD16EF9177A8A2EF08A7FA3D3EFAA13
C:\WINDOWS\system32\drivers\wcifs.sys 923200B78F5284D674A3712204D0FEFA
C:\WINDOWS\system32\drivers\wcnfs.sys 1737BEF60CA384423CE4B32AF1C2BFFC
C:\WINDOWS\system32\drivers\WdBoot.sys 38130C1C5FE0E08820EE57E1B087B659
C:\WINDOWS\System32\drivers\Wdf01000.sys 0C6CBF3490EE5F0D62B5820568CA30B8
C:\WINDOWS\system32\drivers\WdFilter.sys F7B6CB0F9ECD28848E2BDACEAB0D9204
C:\WINDOWS\System32\DRIVERS\wdiwifi.sys BF45B43BA47D0FA769CE5AFBF7104F01
C:\WINDOWS\System32\Drivers\WdNisDrv.sys 82A4F22C884B4BAE8B531640859F9871
C:\WINDOWS\System32\drivers\wfplwfs.sys 3C8F0ABD00E197101DCF43FEF8FB0D76
C:\WINDOWS\System32\drivers\wimmount.sys 75014BF6510D4C6C69EEE5B7743A52AF
C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys C8EBCFED8FD2CDF725E44AF93016621E
C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys D318557F9D7CA3836104F0B8ECB1F32E
C:\WINDOWS\System32\drivers\winmad.sys 31DDF1D001336B2DCE7DF24E99EF1D04
C:\WINDOWS\System32\drivers\winnat.sys 2E1A614EFB0523E20860AE7978DDA0A4
C:\WINDOWS\System32\drivers\WinUsb.sys 03858B18BB6DF6A400D9FC5153FD28A8
C:\WINDOWS\System32\drivers\winverbs.sys 0BF4A43CF1F3A4D50AFA4561C3B4628D
C:\WINDOWS\System32\drivers\wmiacpi.sys 0D6E1347A891607759340B1E55BA2A77
C:\Windows\System32\Drivers\Wof.sys 1AE1076034392218EE89D2744EC2A071
C:\WINDOWS\System32\drivers\WpdUpFltr.sys 1FD80CBB192A20375F3664639DEB57B5
C:\WINDOWS\system32\drivers\ws2ifsl.sys DAF4451760B46CB383D287C4FAFFE97D
C:\WINDOWS\System32\drivers\WudfPf.sys 455609BF60DA3B57EEAB863DEFCCF14D
C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9
C:\WINDOWS\System32\drivers\WUDFRd.sys 5068DAA8F67A62E964C9C9F88B159EA9
C:\WINDOWS\System32\drivers\xboxgip.sys B10655A4C2EFDC25483D670EF52A4854
C:\WINDOWS\System32\drivers\xinputhid.sys 2E50A379A8E4F6C5D85E87C26C08D329
C:\WINDOWS\System32\drivers\xusb21.sys 9176C0822FAA649E45121875BE32F5D2

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Drei Monate: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-06 11:47 - 2017-09-06 11:48 - 000036572 _____ C:\Users\hoppe\Downloads\FRST.txt
2017-09-06 11:46 - 2017-09-06 11:47 - 000000000 ____D C:\FRST
2017-09-06 11:46 - 2017-09-06 11:46 - 002395648 _____ (Farbar) C:\Users\hoppe\Downloads\FRST64.exe
2017-09-06 11:24 - 2017-09-06 11:24 - 000002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-06 11:23 - 2017-09-06 11:23 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-06 11:23 - 2017-09-06 11:23 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-06 11:14 - 2017-09-06 11:14 - 001130328 _____ (Google Inc.) C:\Users\hoppe\Downloads\ChromeSetup.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 007178424 _____ (VS Revo Group ) C:\Users\hoppe\Downloads\revosetup_v2.0.3.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\Program Files\VS Revo Group
2017-09-06 10:50 - 2017-09-06 11:24 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-05 20:48 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-05 20:48 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-05 20:48 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-05 20:48 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-05 20:48 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-05 20:48 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-05 20:48 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-05 20:48 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-05 20:48 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-05 20:48 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-05 20:48 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-05 20:48 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-09-05 20:48 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-05 20:48 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-09-05 20:48 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-09-05 20:48 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-05 20:48 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-05 20:48 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-09-05 20:48 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-05 20:48 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-05 20:48 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-05 20:48 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-05 20:48 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-05 20:48 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-05 20:48 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-09-05 20:48 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-05 20:47 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-05 20:47 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-05 20:47 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-05 20:47 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-05 20:47 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-05 20:47 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-05 20:47 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-05 20:47 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-09-05 20:47 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-09-05 20:47 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-05 20:47 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-09-05 20:47 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-05 20:47 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-05 20:47 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-05 20:47 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-05 20:47 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-05 20:47 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-09-05 20:47 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-05 20:47 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-09-05 20:47 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-05 20:47 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-09-05 20:47 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-09-05 20:47 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-09-05 20:47 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-05 20:47 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-05 20:47 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-05 20:47 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-09-05 20:47 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-09-05 20:47 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-09-05 20:47 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-09-05 20:47 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-09-05 20:47 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-05 20:47 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-05 20:47 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-09-05 20:47 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-09-05 20:47 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-09-05 20:47 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-09-05 20:47 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-05 20:47 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-09-05 20:47 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation)

BlackOnyx · 06.09.2017, 11:01

Code:

ATTFilter

C:\WINDOWS\SysWOW64\untfs.dll
2017-09-05 20:47 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-09-05 20:46 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-09-05 20:46 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-05 20:46 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-05 20:46 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-05 20:46 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-05 20:46 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-05 20:46 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-05 20:46 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-05 20:46 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-05 20:46 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-05 20:46 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-09-05 20:46 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-09-05 20:46 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-05 20:46 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-09-05 20:46 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-09-05 20:46 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-09-05 20:46 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-05 20:46 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-09-05 20:46 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-05 20:46 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-09-05 20:46 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-09-05 20:46 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-09-05 20:46 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-09-05 20:46 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-09-05 20:46 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-09-05 20:46 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-09-05 20:46 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-05 20:46 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-05 20:46 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-09-05 20:46 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-05 20:46 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-09-05 20:46 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-09-05 20:46 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-05 20:46 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-05 20:46 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-05 20:46 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-09-05 20:46 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-09-05 20:46 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-09-05 19:54 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Local\Disc_Soft_Ltd
2017-09-05 19:52 - 2017-09-05 19:52 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-09-05 19:50 - 2017-09-05 19:50 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2017-09-05 15:26 - 2017-09-05 18:18 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-05 15:25 - 2017-09-06 09:20 - 000266304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-05 15:24 - 2017-09-05 18:24 - 000000000 ____D C:\WINDOWS\pss
2017-09-05 14:42 - 2017-09-05 18:13 - 000000306 __RSH C:\ProgramData\ntuser.pol
2017-09-05 14:28 - 2017-09-05 14:48 - 000000140 _____ C:\WINDOWS\Reimage.ini
2017-09-05 14:08 - 2017-09-05 14:08 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\ParetoLogic
2017-09-04 22:41 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-09-04 22:41 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-09-04 20:12 - 2017-09-06 09:49 - 000000000 ____D C:\Users\hoppe\AppData\Local\NFS Underground 2
2017-09-04 20:08 - 2017-09-04 20:08 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-09-04 20:07 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\DAEMON Tools Lite
2017-09-04 20:07 - 2017-09-04 20:07 - 000047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-09-04 20:07 - 2017-09-04 20:07 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 17:08 - 2017-09-02 17:08 - 000000000 ____D C:\Users\hoppe\AppData\Local\Steam
2017-08-15 18:27 - 2017-08-15 19:05 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\discord
2017-08-15 18:27 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\SquirrelTemp
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\Discord
2017-08-15 08:56 - 2017-08-15 08:56 - 000000000 ____D C:\Users\hoppe\AppData\Local\Pokemon Insurgence
2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession
2017-08-14 16:48 - 2017-08-14 16:48 - 000000000 ____D C:\Users\hoppe\AppData\Local\InsurgenceLauncher
2017-08-08 19:47 - 2017-09-04 22:57 - 000003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-08-07 21:58 - 2017-08-07 21:58 - 000000000 ____D C:\Users\hoppe\AppData\Local\DBG
2017-07-18 11:51 - 2017-09-04 22:57 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-18 11:50 - 2017-08-08 19:47 - 000000000 ____D C:\Users\hoppe\AppData\Local\Adobe
2017-07-17 16:17 - 2017-07-17 16:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-17 16:13 - 2017-07-17 16:13 - 000000020 ___SH C:\Users\hoppe\ntuser.ini
2017-07-17 09:14 - 2017-07-17 09:14 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-17 09:14 - 2017-07-17 09:14 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-17 09:14 - 2017-07-17 09:14 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-17 09:14 - 2017-07-17 09:14 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-17 09:14 - 2017-07-17 09:14 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-17 09:14 - 2017-07-17 09:14 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-17 09:14 - 2017-07-17 09:14 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-17 09:14 - 2017-07-17 09:14 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-17 09:14 - 2017-07-17 09:14 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-17 09:14 - 2017-07-17 09:14 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-17 09:14 - 2017-07-17 09:14 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-17 09:14 - 2017-07-17 09:14 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-17 09:14 - 2017-07-17 09:14 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-17 09:14 - 2017-07-17 09:14 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-17 09:14 - 2017-07-17 09:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-17 09:14 - 2017-07-17 09:14 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-17 09:14 - 2017-07-17 09:14 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-17 09:14 - 2017-07-17 09:14 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 006726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 006535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 004709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 004672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 003135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 002085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 001003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-07-17 09:03 - 2017-07-17 09:03 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-07-17 09:03 - 2017-07-17 09:03 - 000382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-17 09:03 - 2017-07-17 09:03 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-17 09:03 - 2017-07-17 09:03 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-17 09:03 - 2017-07-17 09:03 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-17 09:03 - 2017-07-17 09:03 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-17 09:03 - 2017-07-17 09:03 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-17 08:57 - 2017-03-17 23:00 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-07-17 08:57 - 2017-03-17 22:59 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-07-17 08:57 - 2017-03-17 22:48 - 006348288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-07-17 08:57 - 2017-03-17 22:43 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-07-17 08:57 - 2017-03-17 22:35 - 005484544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-07-17 08:56 - 2017-07-17 08:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-17 08:56 - 2017-07-17 08:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-17 08:54 - 2017-07-17 08:54 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-17 08:54 - 2017-07-17 08:54 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-07-17 08:54 - 2017-07-17 08:54 - 000000000 ____D C:\Program Files\MSBuild
2017-07-17 08:54 - 2017-07-17 08:54 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-17 08:54 - 2017-07-17 08:54 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-07-17 08:54 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-17 08:54 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 08:54 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-17 08:54 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-17 08:54 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-17 08:54 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-17 08:43 - 2017-07-17 08:43 - 000000000 ____D C:\ProgramData\USOShared
2017-07-17 08:41 - 2017-07-17 08:42 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-07-17 08:41 - 2017-07-17 08:42 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-07-17 08:39 - 2017-09-06 09:27 - 002091200 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-17 08:37 - 2017-07-17 08:37 - 000022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-17 08:36 - 2017-09-06 09:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-17 08:36 - 2017-07-17 08:36 - 000002830 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-17 08:36 - 2017-07-17 08:36 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-07-17 08:30 - 2017-07-17 08:30 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-17 08:28 - 2017-07-17 08:31 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-07-17 08:26 - 2017-09-06 09:25 - 000000000 ____D C:\Users\hoppe
2017-07-17 08:26 - 2017-07-17 08:35 - 000000000 ____D C:\Users\defaultuser0
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Vorlagen
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Startmenü
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Netzwerkumgebung
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Lokale Einstellungen
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Eigene Dateien
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Druckumgebung
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Documents\Eigene Videos
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Documents\Eigene Musik
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Documents\Eigene Bilder
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\AppData\Local\Verlauf
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\AppData\Local\Anwendungsdaten
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\hoppe\Anwendungsdaten
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Vorlagen
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Startmenü
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Netzwerkumgebung
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Lokale Einstellungen
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Eigene Dateien
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Druckumgebung
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Eigene Videos
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Eigene Musik
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Eigene Bilder
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Verlauf
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Anwendungsdaten
2017-07-17 08:26 - 2017-07-17 08:26 - 000000000 _SHDL C:\Users\defaultuser0\Anwendungsdaten
2017-07-17 08:25 - 2017-07-17 08:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-07-17 08:25 - 2017-07-17 08:25 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-07-17 08:25 - 2017-07-17 08:25 - 000000000 ____D C:\Program Files\Intel
2017-07-17 08:25 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-17 08:25 - 2016-05-03 23:30 - 000081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-07-17 08:25 - 2016-05-03 23:30 - 000077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-07-17 08:24 - 2017-07-17 08:24 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-07-17 08:24 - 2017-07-17 08:24 - 000000000 ____D C:\Program Files\Synaptics
2017-07-17 08:24 - 2017-07-17 08:24 - 000000000 ____D C:\Program Files (x86)\USB Camera
2017-07-17 08:22 - 2017-09-05 20:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-16 15:01 - 2017-09-04 22:57 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-14 07:40 - 2017-08-16 07:31 - 000000544 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-07-07 22:52 - 2017-07-07 22:52 - 000000000 ____D C:\Users\hoppe\AppData\Local\UNP
2017-07-07 22:46 - 2017-07-17 08:31 - 000000000 ____D C:\WINDOWS\system32\UNP
2017-07-07 22:46 - 2017-07-07 22:47 - 000000000 ____D C:\Program Files\UNP
2017-07-05 10:27 - 2017-07-05 10:29 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Freeplane
2017-06-25 17:40 - 2017-06-25 17:40 - 000000000 ____D C:\Users\hoppe\.TeamSpeak 3
2017-06-16 21:05 - 2017-06-16 21:05 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
==================== Drei Monate: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-06 11:24 - 2016-08-09 20:37 - 000000000 ____D C:\Users\hoppe\AppData\Local\Google
2017-09-06 11:24 - 2016-08-09 20:36 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-06 11:05 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-06 10:45 - 2017-01-02 22:34 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\Mozilla
2017-09-06 09:34 - 2016-08-09 20:44 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\360WD
2017-09-06 09:31 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 09:27 - 2017-03-20 06:35 - 000934290 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-06 09:27 - 2017-03-20 06:35 - 000199012 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-06 09:23 - 2016-08-09 21:06 - 000000000 __SHD C:\Users\hoppe\IntelGraphicsProfiles
2017-09-06 09:23 - 2016-08-09 20:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-05 23:23 - 2017-03-18 13:40 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-05 23:19 - 2016-08-09 23:57 - 000046592 _____ C:\Users\hoppe\Desktop\Animeliste.xls
2017-09-05 20:54 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-05 20:51 - 2016-08-09 22:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-05 20:49 - 2016-08-09 22:40 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-05 18:32 - 2016-08-09 21:29 - 000000000 ___RD C:\Users\hoppe\Desktop\Stuff
2017-09-05 17:49 - 2017-05-31 21:24 - 000000000 ____D C:\download
2017-09-05 15:45 - 2017-01-02 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-05 14:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-05 14:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-04 23:00 - 2016-09-27 22:56 - 000000000 ____D C:\ProgramData\360Quarant
2017-09-04 22:58 - 2017-05-31 21:24 - 000000000 __SHD C:\$360Section
2017-09-04 07:40 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-17 17:07 - 2016-09-28 13:52 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\.minecraft
2017-08-17 16:08 - 2016-08-10 12:44 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\vlc
2017-08-16 07:31 - 2016-08-09 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-08-11 11:41 - 2016-09-12 11:40 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-08-11 11:41 - 2016-08-09 20:44 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ () C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_remove360vpn.bat


Einige Dateien in TEMP:
====================
2017-09-06 10:54 - 2016-12-13 09:50 - 000260520 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_TaskAgent.exe
2017-09-05 14:28 - 2017-09-05 14:28 - 013482464 _____ (Reimage) C:\Users\hoppe\AppData\Local\Temp\ReimagePackage.exe
2017-09-06 10:57 - 2017-09-04 20:12 - 000085353 _____ () C:\Users\hoppe\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

==================== BCD ================================

Start-Manager fr Firmware
--------------------------
Bezeichner              {fwbootmgr}
displayorder            {bootmgr}
                        {b5211383-5e63-11e6-83bd-97a7a096a4ff}
timeout                 0

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume4
path                    \EFI\Microsoft\Boot\bootmgfw.efi
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
flightsigning           Yes
default                 {current}
resumeobject            {b521137c-5e63-11e6-83bd-97a7a096a4ff}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211370-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv4 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211371-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv6 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211374-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv4 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211375-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv6 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211381-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv4 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211382-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv6 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211383-5e63-11e6-83bd-97a7a096a4ff}
description             EFI USB Device

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211384-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv4 (20-89-84-49-61-F4) 

Firmwareanwendung (101fffff)
----------------------------
Bezeichner              {b5211385-5e63-11e6-83bd-97a7a096a4ff}
description             EFI Network 0 for IPv6 (20-89-84-49-61-F4) 

Windows Setup
-------------
Bezeichner              {7254a080-1510-4e85-ac0f-e7fb3d444736}
device                  ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b521137b-5e63-11e6-83bd-97a7a096a4ff}
custom:11000043         partition=C:
path                    \windows\system32\winload.efi
description             Windows Rollback
locale                  de-DE
custom:12000044         \$WINDOWS.~BT\Sources\Panther\bootstat.dat
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\$WINDOWS.~BT\Sources\SafeOS\winre.wim,{b521137b-5e63-11e6-83bd-97a7a096a4ff}
custom:21000152         partition=C:
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {b5211379-5e63-11e6-83bd-97a7a096a4ff}
device                  ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b521137a-5e63-11e6-83bd-97a7a096a4ff}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b521137a-5e63-11e6-83bd-97a7a096a4ff}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {b521137e-5e63-11e6-83bd-97a7a096a4ff}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
flightsigning           Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {b521137c-5e63-11e6-83bd-97a7a096a4ff}
nx                      OptIn
bootmenupolicy          Standard

Windows-Startladeprogramm
-------------------------
Bezeichner              {b521137e-5e63-11e6-83bd-97a7a096a4ff}
device                  ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{b521137f-5e63-11e6-83bd-97a7a096a4ff}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  de-DE
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume7]\Recovery\WindowsRE\Winre.wim,{b521137f-5e63-11e6-83bd-97a7a096a4ff}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b5211377-5e63-11e6-83bd-97a7a096a4ff}
device                  partition=C:
path                    \Windows\system32\winresume.efi
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {b5211379-5e63-11e6-83bd-97a7a096a4ff}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b521137c-5e63-11e6-83bd-97a7a096a4ff}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
recoverysequence        {b521137e-5e63-11e6-83bd-97a7a096a4ff}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume4
path                    \EFI\Microsoft\Boot\memtest.efi
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 No

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Local

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-----------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {b521137a-5e63-11e6-83bd-97a7a096a4ff}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume3
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {b521137b-5e63-11e6-83bd-97a7a096a4ff}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi

Ger„teoptionen
--------------
Bezeichner              {b521137f-5e63-11e6-83bd-97a7a096a4ff}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume7
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


LastRegBack: 2017-09-03 11:23

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von hoppe (06-09-2017 11:49:10)
Gestartet von C:\Users\hoppe\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-17 06:44:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2502170952-984855085-4023997487-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2502170952-984855085-4023997487-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2502170952-984855085-4023997487-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2502170952-984855085-4023997487-501 - Limited - Disabled)
hoppe (S-1-5-21-2502170952-984855085-4023997487-1001 - Administrator - Enabled) => C:\Users\hoppe

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.2.0.1124 - 360 Security Center)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
AutoREALM Version 2.2.1 (HKLM-x32\...\AutoREALM_is1) (Version:  - )
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Discord (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Microsoft OneDrive (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Project64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2F01892E-7E19-4380-86FC-71AEA56BAE4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)
Task: {7989CFF0-F2ED-4D6F-99A5-1D2F597CD98E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {8892460A-715A-4706-B9D5-B213DB997992} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {FBD75506-8A59-4C90-9FB1-E2016FA08010} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000791136 _____ () D:\360\Total Security\MenuEx64.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000099240 _____ () D:\360\Total Security\deepscan\qutmload.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000499296 _____ () D:\360\Total Security\safemon\wdui2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2502170952-984855085-4023997487-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hoppe\OneDrive\Bilder\Creepy\fcba139e5064c8e11cce742d2ed429bf.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "331BigDog"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BC01A7B5-58D0-4687-AFED-8EDB29F60059}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{1604BF30-2566-40AD-BDE5-51234939D246}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [UDP Query User{6CD42DFF-4D14-4EC4-9E45-6463479EBEEF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{5B818941-119F-46E8-A544-D90F41ABE117}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{9254EEC0-5926-4300-8099-20D16A8E3A8F}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{710F6A93-287E-48EC-AF70-70569C2C0BDF}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{D8B21F6A-617F-4225-A7A6-95880AFA55A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1394769F-C173-4B13-8343-436E5F71A435}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B333C503-9176-4CD9-956B-90381CEB9EC7}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{5B575C8D-9AA8-4CDE-AEBD-70674FA2E1EA}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{0FBEEF90-4E3B-43D7-9F34-9DAC6FFDC941}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7FF923A6-B411-413C-8335-16811F40A45D}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{927E6533-27EA-44C3-AB6C-A124D3CF61F0}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{F19F6019-320C-477A-AAE9-18DB2AA9784D}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{6B8C4024-B119-4B73-8551-D78A52254403}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D7251173-B444-46BD-9685-6C639ED829AE}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{F0D89397-D730-450F-BC4D-05D07F954AB4}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [TCP Query User{A9F4F469-0278-45EC-9113-2EAC133D4060}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [{C92D8FBC-7558-41AC-A425-AD7D86AA7957}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{290C8602-5D8D-4181-BB83-E16DC27112AD}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{7FA04874-D8EA-4647-819B-8566CC1C0616}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{D03CE87D-D813-4F08-A594-0AC4E3241C88}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{AA78FC5B-7784-4466-9452-58926436AF02}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{400AB802-CD84-4AC7-AEAF-94652CE462E8}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84678429-9A96-4782-9C4B-054571C5309D}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{0602538A-2478-45C6-B64C-4BA33299FFA4}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{FB98DB5A-BC1E-4225-AA88-13714E4A8784}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{80E8E410-9AD7-4345-90DD-0630F36945C3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CAC972D7-0A86-4A53-9657-5B8A2B90F1CE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{43236745-BF1B-468F-BFDC-BD91970F98FE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D979F00A-1CA6-495E-9F7F-F443573CF795}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{F3C9A51E-0F6D-4640-A475-17A113D2C0AB}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{778C68A6-1442-43FF-93A8-E73AD15836AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E4A9D8EB-5D7F-4431-A723-1CD7E6EC85A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{66AA39F9-5C86-4B9E-BE6F-3346B1CB4426}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2017 10:50:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:44 AM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/06/2017 09:23:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_AppReadiness, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.447, Zeitstempel: 0xa329d3a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f775f
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0x01d326e0c4fc2fe3
Pfad der fehlerhaften Anwendung: c:\windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9055d150-675c-4638-bbc9-a2d7c4936166
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 10:37:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/05/2017 08:51:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/05/2017 08:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Name des fehlerhaften Moduls: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f6af9
ID des fehlerhaften Prozesses: 0x11fc
Startzeit der fehlerhaften Anwendung: 0x01d326700a327637
Pfad der fehlerhaften Anwendung: D:\Need for Speed Underground 2\SPEED2.EXE
Pfad des fehlerhaften Moduls: D:\Need for Speed Underground 2\SPEED2.EXE
Berichtskennung: 9536c610-0bc1-470a-9648-6dfb713ff63f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 06:23:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/05/2017 06:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/05/2017 06:08:35 PM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.


Systemfehler:
=============
Error: (09/06/2017 10:50:38 AM) (Source: DCOM) (EventID: 10010) (User: BLACKHARMONICS)
Description: Der Server "windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/06/2017 09:23:24 AM) (Source: DCOM) (EventID: 10001) (User: BLACKHARMONICS)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI als Nicht verfügbar/Nicht verfügbar. Fehler:
"15616"
Aufgetreten beim Start dieses Befehls:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/06/2017 09:23:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "App-Vorbereitung" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/06/2017 09:22:53 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/06/2017 09:20:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/05/2017 06:25:19 PM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/05/2017 06:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/05/2017 06:24:31 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (09/05/2017 06:24:31 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (09/05/2017 06:23:12 PM) (Source: DCOM) (EventID: 10005) (User: BLACKHARMONICS)
Description: Fehler "1084" in DCOM, als der Dienst "TokenBroker" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3960.25 MB
Verfügbarer physikalischer RAM: 2026.01 MB
Summe virtueller Speicher: 4664.25 MB
Verfügbarer virtueller Speicher: 2536.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:98.96 GB) (Free:76.55 GB) NTFS
Drive d: (VOLUME) (Fixed) (Total:22.34 GB) (Free:19.49 GB) FAT32
Drive e: (Volume) (Fixed) (Total:365.76 GB) (Free:322.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 2ADC09CE)

Partition: GPT.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 2ADC09C7)

Partition: GPT.

==================== Ende von Addition.txt ============================

BlackOnyx · 06.09.2017, 11:08

Code:

ATTFilter

12:03:10.0502 0x139c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
12:03:10.0502 0x139c  UEFI system
12:03:15.0847 0x139c  ============================================================
12:03:15.0848 0x139c  Current date / time: 2017/09/06 12:03:15.0847
12:03:15.0852 0x139c  SystemInfo:
12:03:15.0852 0x139c  
12:03:15.0852 0x139c  OS Version: 10.0.15063 ServicePack: 0.0
12:03:15.0852 0x139c  Product type: Workstation
12:03:15.0852 0x139c  ComputerName: BLACKHARMONICS
12:03:15.0852 0x139c  UserName: hoppe
12:03:15.0853 0x139c  Windows directory: C:\WINDOWS
12:03:15.0853 0x139c  System windows directory: C:\WINDOWS
12:03:15.0853 0x139c  Running under WOW64
12:03:15.0853 0x139c  Processor architecture: Intel x64
12:03:15.0853 0x139c  Number of processors: 4
12:03:15.0853 0x139c  Page size: 0x1000
12:03:15.0853 0x139c  Boot type: Normal boot
12:03:15.0853 0x139c  CodeIntegrityOptions = 0x00000201
12:03:15.0853 0x139c  ============================================================
12:03:17.0136 0x139c  KLMD registered as C:\WINDOWS\system32\drivers\06013117.sys
12:03:17.0136 0x139c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
12:03:17.0295 0x139c  System UUID: {9A760775-3373-FB07-16E4-1412E018F282}
12:03:17.0811 0x139c  Drive \Device\Harddisk0\DR0 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:03:17.0822 0x139c  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:03:17.0854 0x139c  ============================================================
12:03:17.0854 0x139c  \Device\Harddisk0\DR0:
12:03:17.0854 0x139c  GPT partitions:
12:03:17.0856 0x139c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {B5524A6C-7A1F-49C0-BAE5-6FDB09CD81B2}, Name: Microsoft reserved partition, StartLBA 0x800, BlocksNum 0x8000
12:03:17.0856 0x139c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {232811B2-60F2-473D-961C-C5DC688AB25F}, Name: Basic data partition, StartLBA 0x8800, BlocksNum 0x2CB2800
12:03:17.0856 0x139c  MBR partitions:
12:03:17.0856 0x139c  \Device\Harddisk1\DR1:
12:03:17.0857 0x139c  GPT partitions:
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {93C3346A-8FE7-4BA4-9A73-D367653945A8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9A0F8C5C-E3C2-4E89-829D-33BD88DA6C5B}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CCAD3E5B-13E8-4ADB-8878-008F339308F1}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5250B1B3-A74A-4CA2-A31C-180D7409FD4B}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0xC5EA0B2
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2331E95B-02C5-422B-9BF6-BDC0346B2B60}, Name: , StartLBA 0xC706000, BlocksNum 0xFA000
12:03:17.0858 0x139c  \Device\Harddisk1\DR1\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FD5C381F-9670-42DE-A87B-89F6C5CDD258}, Name: Basic data partition, StartLBA 0xC800800, BlocksNum 0x2DB85800
12:03:17.0858 0x139c  MBR partitions:
12:03:17.0858 0x139c  ============================================================
12:03:17.0890 0x139c  C: <-> \Device\Harddisk1\DR1\Partition4
12:03:17.0890 0x139c  D: <-> \Device\Harddisk0\DR0\Partition2
12:03:17.0931 0x139c  E: <-> \Device\Harddisk1\DR1\Partition6
12:03:17.0931 0x139c  ============================================================
12:03:17.0931 0x139c  Initialize success
12:03:17.0931 0x139c  ============================================================
12:03:20.0326 0x0bb8  ============================================================
12:03:20.0326 0x0bb8  Scan started
12:03:20.0326 0x0bb8  Mode: Manual; 
12:03:20.0326 0x0bb8  ============================================================
12:03:20.0326 0x0bb8  KSN ping started
12:03:20.0420 0x0bb8  KSN ping finished: true
12:03:23.0692 0x0bb8  ================ Scan system memory ========================
12:03:23.0692 0x0bb8  System memory - ok
12:03:23.0694 0x0bb8  ================ Scan services =============================
12:03:23.0878 0x0bb8  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:03:23.0889 0x0bb8  1394ohci - ok
12:03:23.0938 0x0bb8  [ 86C58DFAD3663061DB053AF86F30619E, DD15CEFD09138C4597CE3F198469FEC2BFA68AD02771FD84CF83A02204D43FE9 ] 360AntiHacker   C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
12:03:23.0943 0x0bb8  360AntiHacker - ok
12:03:23.0974 0x0bb8  [ A97716E2D5238E451128908952FFD27E, 078CEBCE0BFFD98AB5E9EA833D55C0D00BC541B4D6358C2E53C2EF27324A1C53 ] 360AvFlt        C:\WINDOWS\system32\DRIVERS\360AvFlt.sys
12:03:23.0977 0x0bb8  360AvFlt - ok
12:03:24.0004 0x0bb8  [ AD6E28C62138DF9A5DD514B5B4353CBE, AB67A2D042B92878BED0EA516C6BF5BE4DCC3DC4AC6AD8E31A45D7FC82A9A1A9 ] 360Box64        C:\WINDOWS\system32\DRIVERS\360Box64.sys
12:03:24.0012 0x0bb8  360Box64 - ok
12:03:24.0037 0x0bb8  [ 9C0515172F5DDC7313604E40822B21E1, C60FBBF05E63A72D9DF67A633B8AB831DEB2F125549921BED8E662A4BB0BA428 ] 360Camera       C:\WINDOWS\system32\Drivers\360Camera64.sys
12:03:24.0039 0x0bb8  360Camera - ok
12:03:24.0088 0x0bb8  [ C76E1DB033557C6196B1321DFE0F1FEF, CAA14F7D000FA7CC0678DF367F67513571F44950513B40A111B82B76263DA7A3 ] 360FsFlt        C:\WINDOWS\system32\DRIVERS\360FsFlt.sys
12:03:24.0103 0x0bb8  360FsFlt - ok
12:03:24.0131 0x0bb8  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:03:24.0137 0x0bb8  3ware - ok
12:03:24.0215 0x0bb8  [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:03:24.0232 0x0bb8  ACPI - ok
12:03:24.0256 0x0bb8  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
12:03:24.0257 0x0bb8  AcpiDev - ok
12:03:24.0280 0x0bb8  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:03:24.0283 0x0bb8  acpiex - ok
12:03:24.0300 0x0bb8  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:03:24.0301 0x0bb8  acpipagr - ok
12:03:24.0328 0x0bb8  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:03:24.0329 0x0bb8  AcpiPmi - ok
12:03:24.0339 0x0bb8  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:03:24.0339 0x0bb8  acpitime - ok
12:03:24.0382 0x0bb8  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
12:03:24.0385 0x0bb8  ACPIVPC - ok
12:03:24.0523 0x0bb8  [ FAE473043FC45F5A8CAECBA72BFD865A, BDC4A581909F2027C5851ECA911154677BEBFC938E5F57534BDD4C3D6E8D9DED ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:03:24.0537 0x0bb8  AdobeFlashPlayerUpdateSvc - ok
12:03:24.0629 0x0bb8  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:03:24.0656 0x0bb8  ADP80XX - ok
12:03:24.0693 0x0bb8  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:03:24.0706 0x0bb8  AFD - ok
12:03:24.0743 0x0bb8  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:03:24.0749 0x0bb8  ahcache - ok
12:03:24.0785 0x0bb8  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
12:03:24.0786 0x0bb8  AJRouter - ok
12:03:24.0819 0x0bb8  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
12:03:24.0822 0x0bb8  ALG - ok
12:03:24.0842 0x0bb8  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:03:24.0846 0x0bb8  AmdK8 - ok
12:03:24.0868 0x0bb8  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:03:24.0872 0x0bb8  AmdPPM - ok
12:03:24.0888 0x0bb8  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:03:24.0891 0x0bb8  amdsata - ok
12:03:24.0910 0x0bb8  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:03:24.0916 0x0bb8  amdsbs - ok
12:03:24.0934 0x0bb8  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:03:24.0935 0x0bb8  amdxata - ok
12:03:24.0969 0x0bb8  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:03:24.0974 0x0bb8  AppID - ok
12:03:25.0007 0x0bb8  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:03:25.0010 0x0bb8  AppIDSvc - ok
12:03:25.0031 0x0bb8  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:03:25.0034 0x0bb8  Appinfo - ok
12:03:25.0052 0x0bb8  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
12:03:25.0053 0x0bb8  applockerfltr - ok
12:03:25.0096 0x0bb8  [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:03:25.0109 0x0bb8  AppReadiness - ok
12:03:25.0218 0x0bb8  [ A61222D41CE44B0C3592CEB57AB20B71, F7A136EF4850D76AF1868A8C93C201B3B00FCA1D9EDE77F65BAD04530CC84221 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:03:25.0279 0x0bb8  AppXSvc - ok
12:03:25.0300 0x0bb8  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:03:25.0304 0x0bb8  arcsas - ok
12:03:25.0315 0x0bb8  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
12:03:25.0316 0x0bb8  AsyncMac - ok
12:03:25.0359 0x0bb8  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:03:25.0362 0x0bb8  atapi - ok
12:03:25.0420 0x0bb8  [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:03:25.0433 0x0bb8  AudioEndpointBuilder - ok
12:03:25.0486 0x0bb8  [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:03:25.0516 0x0bb8  Audiosrv - ok
12:03:25.0554 0x0bb8  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:03:25.0557 0x0bb8  AxInstSV - ok
12:03:25.0594 0x0bb8  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:03:25.0605 0x0bb8  b06bdrv - ok
12:03:25.0634 0x0bb8  [ 05E43AC1A9E9E618367923549B459B06, 17800299DABAC13ADB30FAA2C99D1D2CE90982E3352E2C4273CD42140BE8AF9E ] BAPIDRV         C:\WINDOWS\system32\DRIVERS\BAPIDRV64.sys
12:03:25.0639 0x0bb8  BAPIDRV - ok
12:03:25.0658 0x0bb8  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:03:25.0660 0x0bb8  BasicDisplay - ok
12:03:25.0692 0x0bb8  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:03:25.0694 0x0bb8  BasicRender - ok
12:03:25.0717 0x0bb8  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:03:25.0719 0x0bb8  bcmfn2 - ok
12:03:25.0743 0x0bb8  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:03:25.0752 0x0bb8  BDESVC - ok
12:03:25.0786 0x0bb8  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:03:25.0787 0x0bb8  Beep - ok
12:03:25.0839 0x0bb8  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
12:03:25.0857 0x0bb8  BFE - ok
12:03:25.0940 0x0bb8  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
12:03:25.0967 0x0bb8  BITS - ok
12:03:25.0983 0x0bb8  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:03:25.0986 0x0bb8  bowser - ok
12:03:26.0041 0x0bb8  [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:03:26.0060 0x0bb8  BrokerInfrastructure - ok
12:03:26.0096 0x0bb8  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
12:03:26.0100 0x0bb8  Browser - ok
12:03:26.0167 0x0bb8  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:03:26.0172 0x0bb8  BthAvrcpTg - ok
12:03:26.0213 0x0bb8  [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:03:26.0217 0x0bb8  BthHFEnum - ok
12:03:26.0267 0x0bb8  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:03:26.0270 0x0bb8  bthhfhid - ok
12:03:26.0329 0x0bb8  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:03:26.0349 0x0bb8  BthHFSrv - ok
12:03:26.0371 0x0bb8  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:03:26.0373 0x0bb8  BTHMODEM - ok
12:03:26.0434 0x0bb8  [ 27B7348B88DE2F93C4FB4D53EC469AB0, 6B36724956C6A8AC453F279AF4CF70FD12BD57DFC68D880EBD84DFFDABF499BD ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
12:03:26.0455 0x0bb8  BTHPORT - ok
12:03:26.0477 0x0bb8  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:03:26.0481 0x0bb8  bthserv - ok
12:03:26.0527 0x0bb8  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
12:03:26.0532 0x0bb8  BTHUSB - ok
12:03:26.0560 0x0bb8  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:03:26.0563 0x0bb8  buttonconverter - ok
12:03:26.0580 0x0bb8  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
12:03:26.0584 0x0bb8  CAD - ok
12:03:26.0622 0x0bb8  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
12:03:26.0626 0x0bb8  CapImg - ok
12:03:26.0646 0x0bb8  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:03:26.0650 0x0bb8  cdfs - ok
12:03:26.0721 0x0bb8  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
12:03:26.0747 0x0bb8  CDPSvc - ok
12:03:26.0797 0x0bb8  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
12:03:26.0809 0x0bb8  CDPUserSvc - ok
12:03:26.0862 0x0bb8  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:03:26.0866 0x0bb8  cdrom - ok
12:03:26.0904 0x0bb8  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:03:26.0909 0x0bb8  CertPropSvc - ok
12:03:26.0942 0x0bb8  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
12:03:26.0950 0x0bb8  cht4iscsi - ok
12:03:27.0028 0x0bb8  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
12:03:27.0073 0x0bb8  cht4vbd - ok
12:03:27.0105 0x0bb8  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:03:27.0106 0x0bb8  circlass - ok
12:03:27.0117 0x0bb8  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
12:03:27.0118 0x0bb8  CldFlt - ok
12:03:27.0154 0x0bb8  [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:03:27.0163 0x0bb8  CLFS - ok
12:03:27.0204 0x0bb8  [ F34283DE289AF82A97BCE6563D1E2BB4, 9725D041322AF70030E11EEF0FDB7D01FF2CF105FD90A4AF08F71E54725234C9 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
12:03:27.0223 0x0bb8  ClipSVC - ok
12:03:27.0230 0x0bb8  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
12:03:27.0231 0x0bb8  clreg - ok
12:03:27.0258 0x0bb8  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:03:27.0259 0x0bb8  CmBatt - ok
12:03:27.0283 0x0bb8  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:03:27.0297 0x0bb8  CNG - ok
12:03:27.0310 0x0bb8  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:03:27.0312 0x0bb8  cnghwassist - ok
12:03:27.0378 0x0bb8  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
12:03:27.0380 0x0bb8  CompositeBus - ok
12:03:27.0388 0x0bb8  COMSysApp - ok
12:03:27.0398 0x0bb8  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:03:27.0400 0x0bb8  condrv - ok
12:03:27.0458 0x0bb8  [ 9B7A6AD43CAA322C4E04B4E52FD7CDAD, D59F55602C273372F8787B35AC62192ED99CAD72BFF8BF03DF7BDD9E9BC37EE4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:03:27.0481 0x0bb8  CoreMessagingRegistrar - ok
12:03:27.0580 0x0bb8  [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:03:27.0587 0x0bb8  cphs - ok
12:03:27.0619 0x0bb8  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:03:27.0621 0x0bb8  CryptSvc - ok
12:03:27.0664 0x0bb8  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:03:27.0667 0x0bb8  dam - ok
12:03:27.0718 0x0bb8  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:03:27.0744 0x0bb8  DcomLaunch - ok
12:03:27.0777 0x0bb8  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:03:27.0788 0x0bb8  defragsvc - ok
12:03:27.0846 0x0bb8  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:03:27.0857 0x0bb8  DeviceAssociationService - ok
12:03:27.0890 0x0bb8  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:03:27.0895 0x0bb8  DeviceInstall - ok
12:03:27.0928 0x0bb8  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
12:03:27.0944 0x0bb8  DevicesFlowUserSvc - ok
12:03:28.0002 0x0bb8  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
12:03:28.0004 0x0bb8  DevQueryBroker - ok
12:03:28.0035 0x0bb8  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:03:28.0039 0x0bb8  Dfsc - ok
12:03:28.0078 0x0bb8  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:03:28.0087 0x0bb8  Dhcp - ok
12:03:28.0144 0x0bb8  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:03:28.0149 0x0bb8  diagnosticshub.standardcollector.service - ok
12:03:28.0274 0x0bb8  [ 7AA8614A390EE2FB79BDD11154CF1A61, 32B27D6C010AAB3FF9E1FBCE2E750042A1EBB0736821B1EF3BB8D979892F85B5 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
12:03:28.0328 0x0bb8  DiagTrack - ok
12:03:28.0338 0x0bb8  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
12:03:28.0341 0x0bb8  Disk - ok
12:03:28.0381 0x0bb8  [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:03:28.0395 0x0bb8  DmEnrollmentSvc - ok
12:03:28.0403 0x0bb8  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:03:28.0404 0x0bb8  dmvsc - ok
12:03:28.0432 0x0bb8  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:03:28.0434 0x0bb8  dmwappushservice - ok
12:03:28.0469 0x0bb8  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:03:28.0476 0x0bb8  Dnscache - ok
12:03:28.0504 0x0bb8  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:03:28.0510 0x0bb8  dot3svc - ok
12:03:28.0526 0x0bb8  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
12:03:28.0531 0x0bb8  DPS - ok
12:03:28.0576 0x0bb8  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
12:03:28.0579 0x0bb8  drmkaud - ok
12:03:28.0623 0x0bb8  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:03:28.0630 0x0bb8  DsmSvc - ok
12:03:28.0647 0x0bb8  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
12:03:28.0652 0x0bb8  DsSvc - ok
12:03:28.0683 0x0bb8  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
12:03:28.0684 0x0bb8  dtlitescsibus - ok
12:03:28.0699 0x0bb8  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\WINDOWS\System32\drivers\dtliteusbbus.sys
12:03:28.0700 0x0bb8  dtliteusbbus - ok
12:03:28.0722 0x0bb8  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
12:03:28.0729 0x0bb8  DusmSvc - ok
12:03:28.0824 0x0bb8  [ F1D8A5A6C39586717822C2AAB70663F4, 527CC5D18DF9B114352B49AC0645831C6C4F3FFA76692BDC2D9A90E9D14E5000 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:03:28.0876 0x0bb8  DXGKrnl - ok
12:03:28.0910 0x0bb8  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:03:28.0913 0x0bb8  EapHost - ok
12:03:29.0047 0x0bb8  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:03:29.0120 0x0bb8  ebdrv - ok
12:03:29.0157 0x0bb8  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\WINDOWS\System32\lsass.exe
12:03:29.0160 0x0bb8  EFS - ok
12:03:29.0180 0x0bb8  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:03:29.0183 0x0bb8  EhStorClass - ok
12:03:29.0206 0x0bb8  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:03:29.0209 0x0bb8  EhStorTcgDrv - ok
12:03:29.0245 0x0bb8  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
12:03:29.0255 0x0bb8  embeddedmode - ok
12:03:29.0305 0x0bb8  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:03:29.0321 0x0bb8  EntAppSvc - ok
12:03:29.0332 0x0bb8  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:03:29.0333 0x0bb8  ErrDev - ok
12:03:29.0395 0x0bb8  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
12:03:29.0409 0x0bb8  EventSystem - ok
12:03:29.0449 0x0bb8  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:03:29.0456 0x0bb8  exfat - ok
12:03:29.0482 0x0bb8  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:03:29.0490 0x0bb8  fastfat - ok
12:03:29.0535 0x0bb8  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:03:29.0549 0x0bb8  Fax - ok
12:03:29.0565 0x0bb8  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:03:29.0567 0x0bb8  fdc - ok
12:03:29.0607 0x0bb8  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:03:29.0609 0x0bb8  fdPHost - ok
12:03:29.0622 0x0bb8  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:03:29.0624 0x0bb8  FDResPub - ok
12:03:29.0648 0x0bb8  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:03:29.0652 0x0bb8  fhsvc - ok
12:03:29.0693 0x0bb8  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
12:03:29.0694 0x0bb8  FileCrypt - ok
12:03:29.0713 0x0bb8  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:03:29.0716 0x0bb8  FileInfo - ok
12:03:29.0733 0x0bb8  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:03:29.0735 0x0bb8  Filetrace - ok
12:03:29.0766 0x0bb8  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:03:29.0767 0x0bb8  flpydisk - ok
12:03:29.0783 0x0bb8  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:03:29.0792 0x0bb8  FltMgr - ok
12:03:29.0911 0x0bb8  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:03:29.0952 0x0bb8  FontCache - ok
12:03:30.0078 0x0bb8  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:30.0081 0x0bb8  FontCache3.0.0.0 - ok
12:03:30.0153 0x0bb8  [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
12:03:30.0169 0x0bb8  FrameServer - ok
12:03:30.0196 0x0bb8  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:03:30.0198 0x0bb8  FsDepends - ok
12:03:30.0208 0x0bb8  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:03:30.0210 0x0bb8  Fs_Rec - ok
12:03:30.0265 0x0bb8  [ 560AE7760EC108F92D2EA8638CC805CF, 6DA48D05641367477315B26A4466EF41BBB3896EF3DB0C050B86033C39C38C4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:03:30.0287 0x0bb8  fvevol - ok
12:03:30.0344 0x0bb8  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:03:30.0347 0x0bb8  gencounter - ok
12:03:30.0383 0x0bb8  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
12:03:30.0384 0x0bb8  genericusbfn - ok
12:03:30.0402 0x0bb8  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:03:30.0408 0x0bb8  GPIOClx0101 - ok
12:03:30.0483 0x0bb8  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:03:30.0512 0x0bb8  gpsvc - ok
12:03:30.0524 0x0bb8  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:03:30.0524 0x0bb8  GpuEnergyDrv - ok
12:03:30.0637 0x0bb8  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:03:30.0646 0x0bb8  gupdate - ok
12:03:30.0682 0x0bb8  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:03:30.0688 0x0bb8  gupdatem - ok
12:03:30.0769 0x0bb8  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\WINDOWS\System32\drivers\HdAudio.sys
12:03:30.0789 0x0bb8  HdAudAddService - ok
12:03:30.0835 0x0bb8  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:03:30.0840 0x0bb8  HDAudBus - ok
12:03:30.0857 0x0bb8  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:03:30.0860 0x0bb8  HidBatt - ok
12:03:30.0880 0x0bb8  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:03:30.0883 0x0bb8  HidBth - ok
12:03:30.0898 0x0bb8  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:03:30.0899 0x0bb8  hidi2c - ok
12:03:30.0917 0x0bb8  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:03:30.0918 0x0bb8  hidinterrupt - ok
12:03:30.0954 0x0bb8  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:03:30.0955 0x0bb8  HidIr - ok
12:03:30.0989 0x0bb8  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:03:30.0991 0x0bb8  hidserv - ok
12:03:31.0007 0x0bb8  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:03:31.0009 0x0bb8  HidUsb - ok
12:03:31.0049 0x0bb8  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:03:31.0056 0x0bb8  HomeGroupListener - ok
12:03:31.0114 0x0bb8  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:03:31.0128 0x0bb8  HomeGroupProvider - ok
12:03:31.0175 0x0bb8  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:03:31.0177 0x0bb8  HpSAMD - ok
12:03:31.0226 0x0bb8  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:03:31.0250 0x0bb8  HTTP - ok
12:03:31.0286 0x0bb8  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
12:03:31.0289 0x0bb8  HvHost - ok
12:03:31.0335 0x0bb8  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
12:03:31.0340 0x0bb8  hvservice - ok
12:03:31.0363 0x0bb8  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:03:31.0364 0x0bb8  hwpolicy - ok
12:03:31.0389 0x0bb8  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:03:31.0391 0x0bb8  hyperkbd - ok
12:03:31.0411 0x0bb8  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:03:31.0415 0x0bb8  i8042prt - ok
12:03:31.0438 0x0bb8  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
12:03:31.0440 0x0bb8  iagpio - ok
12:03:31.0461 0x0bb8  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
12:03:31.0464 0x0bb8  iai2c - ok
12:03:31.0479 0x0bb8  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
12:03:31.0482 0x0bb8  iaLPSS2i_GPIO2 - ok
12:03:31.0505 0x0bb8  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
12:03:31.0509 0x0bb8  iaLPSS2i_GPIO2_BXT_P - ok
12:03:31.0531 0x0bb8  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:03:31.0538 0x0bb8  iaLPSS2i_I2C - ok
12:03:31.0552 0x0bb8  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
12:03:31.0556 0x0bb8  iaLPSS2i_I2C_BXT_P - ok
12:03:31.0577 0x0bb8  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:03:31.0578 0x0bb8  iaLPSSi_GPIO - ok
12:03:31.0600 0x0bb8  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:03:31.0603 0x0bb8  iaLPSSi_I2C - ok
12:03:31.0638 0x0bb8  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:03:31.0652 0x0bb8  iaStorAV - ok
12:03:31.0676 0x0bb8  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:03:31.0685 0x0bb8  iaStorV - ok
12:03:31.0715 0x0bb8  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
12:03:31.0727 0x0bb8  ibbus - ok
12:03:31.0760 0x0bb8  [ 62F0CB0A54EAF37E15EC385300957BB8, 55FCF7068D84D5AEEAF3149A5349BF13F1D18E34956217916ED7C1950885E63C ] ibtfltcoex      C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys
12:03:31.0763 0x0bb8  ibtfltcoex - ok
12:03:31.0808 0x0bb8  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:03:31.0824 0x0bb8  icssvc - ok
12:03:32.0006 0x0bb8  [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:03:32.0087 0x0bb8  igfx - ok
12:03:32.0127 0x0bb8  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
12:03:32.0136 0x0bb8  igfxCUIService1.0.0.0 - ok
12:03:32.0215 0x0bb8  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:03:32.0240 0x0bb8  IKEEXT - ok
12:03:32.0277 0x0bb8  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
12:03:32.0279 0x0bb8  IndirectKmd - ok
12:03:32.0312 0x0bb8  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:03:32.0315 0x0bb8  intaud_WaveExtensible - ok
12:03:32.0362 0x0bb8  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:03:32.0373 0x0bb8  IntcDAud - ok
12:03:32.0414 0x0bb8  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:03:32.0415 0x0bb8  intelide - ok
12:03:32.0430 0x0bb8  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:03:32.0433 0x0bb8  intelpep - ok
12:03:32.0455 0x0bb8  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:03:32.0459 0x0bb8  intelppm - ok
12:03:32.0478 0x0bb8  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
12:03:32.0479 0x0bb8  iorate - ok
12:03:32.0495 0x0bb8  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:03:32.0498 0x0bb8  IpFilterDriver - ok
12:03:32.0553 0x0bb8  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:03:32.0577 0x0bb8  iphlpsvc - ok
12:03:32.0597 0x0bb8  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:03:32.0599 0x0bb8  IPMIDRV - ok
12:03:32.0633 0x0bb8  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:03:32.0638 0x0bb8  IPNAT - ok
12:03:32.0655 0x0bb8  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
12:03:32.0658 0x0bb8  IpxlatCfgSvc - ok
12:03:32.0680 0x0bb8  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
12:03:32.0683 0x0bb8  irda - ok
12:03:32.0704 0x0bb8  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:03:32.0706 0x0bb8  IRENUM - ok
12:03:32.0721 0x0bb8  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
12:03:32.0723 0x0bb8  irmon - ok
12:03:32.0755 0x0bb8  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:03:32.0756 0x0bb8  isapnp - ok
12:03:32.0792 0x0bb8  [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:03:32.0799 0x0bb8  iScsiPrt - ok
12:03:32.0813 0x0bb8  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
12:03:32.0814 0x0bb8  iwdbus - ok
12:03:32.0825 0x0bb8  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:03:32.0827 0x0bb8  kbdclass - ok
12:03:32.0833 0x0bb8  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:03:32.0834 0x0bb8  kbdhid - ok
12:03:32.0850 0x0bb8  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
12:03:32.0851 0x0bb8  kdnic - ok
12:03:32.0863 0x0bb8  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:03:32.0866 0x0bb8  KeyIso - ok
12:03:32.0881 0x0bb8  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:03:32.0885 0x0bb8  KSecDD - ok
12:03:32.0895 0x0bb8  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:03:32.0899 0x0bb8  KSecPkg - ok
12:03:32.0928 0x0bb8  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:03:32.0929 0x0bb8  ksthunk - ok
12:03:32.0981 0x0bb8  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:03:32.0991 0x0bb8  KtmRm - ok
12:03:33.0033 0x0bb8  [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:03:33.0043 0x0bb8  LanmanServer - ok
12:03:33.0074 0x0bb8  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:03:33.0083 0x0bb8  LanmanWorkstation - ok
12:03:33.0123 0x0bb8  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
12:03:33.0127 0x0bb8  lfsvc - ok
12:03:33.0144 0x0bb8  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
12:03:33.0146 0x0bb8  LicenseManager - ok
12:03:33.0185 0x0bb8  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
12:03:33.0187 0x0bb8  lltdio - ok
12:03:33.0218 0x0bb8  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:03:33.0227 0x0bb8  lltdsvc - ok
12:03:33.0255 0x0bb8  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:03:33.0259 0x0bb8  lmhosts - ok
12:03:33.0276 0x0bb8  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:03:33.0280 0x0bb8  LSI_SAS - ok
12:03:33.0308 0x0bb8  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:03:33.0311 0x0bb8  LSI_SAS2i - ok
12:03:33.0327 0x0bb8  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:03:33.0329 0x0bb8  LSI_SAS3i - ok
12:03:33.0349 0x0bb8  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:03:33.0352 0x0bb8  LSI_SSS - ok
12:03:33.0385 0x0bb8  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
12:03:33.0402 0x0bb8  LSM - ok
12:03:33.0423 0x0bb8  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:03:33.0427 0x0bb8  luafv - ok
12:03:33.0479 0x0bb8  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
12:03:33.0483 0x0bb8  MapsBroker - ok
12:03:33.0532 0x0bb8  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
12:03:33.0543 0x0bb8  mausbhost - ok
12:03:33.0565 0x0bb8  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
12:03:33.0566 0x0bb8  mausbip - ok
12:03:33.0584 0x0bb8  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:03:33.0586 0x0bb8  megasas - ok
12:03:33.0610 0x0bb8  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
12:03:33.0612 0x0bb8  megasas2i - ok
12:03:33.0649 0x0bb8  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:03:33.0663 0x0bb8  megasr - ok
12:03:33.0704 0x0bb8  [ 034338E2F6F123727F7C351152B084AF, B1E120E838CC8A882FC0C4C5F6D6016E11DD3D067E31B27E532BAD11A5976230 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
12:03:33.0710 0x0bb8  MEIx64 - ok
12:03:33.0738 0x0bb8  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:03:33.0742 0x0bb8  MessagingService - ok
12:03:33.0821 0x0bb8  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:03:33.0841 0x0bb8  mlx4_bus - ok
12:03:33.0886 0x0bb8  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
12:03:33.0888 0x0bb8  MMCSS - ok
12:03:33.0928 0x0bb8  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:03:33.0930 0x0bb8  Modem - ok
12:03:33.0942 0x0bb8  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:03:33.0944 0x0bb8  monitor - ok
12:03:33.0977 0x0bb8  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys
12:03:33.0980 0x0bb8  MotioninJoyXFilter - ok
12:03:33.0987 0x0bb8  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:03:33.0989 0x0bb8  mouclass - ok
12:03:33.0998 0x0bb8  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:03:34.0000 0x0bb8  mouhid - ok
12:03:34.0009 0x0bb8  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:03:34.0012 0x0bb8  mountmgr - ok
12:03:34.0049 0x0bb8  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:03:34.0053 0x0bb8  MozillaMaintenance - ok
12:03:34.0072 0x0bb8  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:03:34.0075 0x0bb8  mpsdrv - ok
12:03:34.0135 0x0bb8  [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:03:34.0160 0x0bb8  MpsSvc - ok
12:03:34.0182 0x0bb8  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:03:34.0185 0x0bb8  MRxDAV - ok
12:03:34.0233 0x0bb8  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:03:34.0244 0x0bb8  mrxsmb - ok
12:03:34.0284 0x0bb8  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:03:34.0291 0x0bb8  mrxsmb10 - ok
12:03:34.0317 0x0bb8  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:03:34.0323 0x0bb8  mrxsmb20 - ok
12:03:34.0349 0x0bb8  [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
12:03:34.0352 0x0bb8  MsBridge - ok
12:03:34.0389 0x0bb8  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:03:34.0394 0x0bb8  MSDTC - ok
12:03:34.0406 0x0bb8  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:03:34.0408 0x0bb8  Msfs - ok
12:03:34.0440 0x0bb8  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:03:34.0442 0x0bb8  msgpiowin32 - ok
12:03:34.0456 0x0bb8  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:03:34.0456 0x0bb8  mshidkmdf - ok
12:03:34.0474 0x0bb8  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:03:34.0475 0x0bb8  mshidumdf - ok
12:03:34.0481 0x0bb8  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:03:34.0482 0x0bb8  msisadrv - ok
12:03:34.0511 0x0bb8  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:03:34.0517 0x0bb8  MSiSCSI - ok
12:03:34.0522 0x0bb8  msiserver - ok
12:03:34.0554 0x0bb8  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
12:03:34.0556 0x0bb8  MSKSSRV - ok
12:03:34.0577 0x0bb8  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
12:03:34.0580 0x0bb8  MsLldp - ok
12:03:34.0613 0x0bb8  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
12:03:34.0614 0x0bb8  MSPCLOCK - ok
12:03:34.0624 0x0bb8  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
12:03:34.0625 0x0bb8  MSPQM - ok
12:03:34.0657 0x0bb8  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:03:34.0666 0x0bb8  MsRPC - ok
12:03:34.0687 0x0bb8  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:03:34.0689 0x0bb8  mssmbios - ok
12:03:34.0701 0x0bb8  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
12:03:34.0702 0x0bb8  MSTEE - ok
12:03:34.0720 0x0bb8  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:03:34.0721 0x0bb8  MTConfig - ok
12:03:34.0731 0x0bb8  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:03:34.0734 0x0bb8  Mup - ok
12:03:34.0748 0x0bb8  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:03:34.0750 0x0bb8  mvumis - ok
12:03:34.0799 0x0bb8  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:03:34.0812 0x0bb8  NativeWifiP - ok
12:03:34.0872 0x0bb8  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
12:03:34.0890 0x0bb8  NaturalAuthentication - ok
12:03:34.0910 0x0bb8  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:03:34.0915 0x0bb8  NcaSvc - ok
12:03:34.0955 0x0bb8  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:03:34.0966 0x0bb8  NcbService - ok
12:03:34.0974 0x0bb8  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:03:34.0978 0x0bb8  NcdAutoSetup - ok
12:03:35.0004 0x0bb8  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
12:03:35.0007 0x0bb8  ndfltr - ok
12:03:35.0076 0x0bb8  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:03:35.0104 0x0bb8  NDIS - ok
12:03:35.0121 0x0bb8  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
12:03:35.0123 0x0bb8  NdisCap - ok
12:03:35.0163 0x0bb8  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:03:35.0166 0x0bb8  NdisImPlatform - ok
12:03:35.0182 0x0bb8  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:03:35.0183 0x0bb8  NdisTapi - ok
12:03:35.0202 0x0bb8  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
12:03:35.0204 0x0bb8  Ndisuio - ok
12:03:35.0216 0x0bb8  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:03:35.0217 0x0bb8  NdisVirtualBus - ok
12:03:35.0240 0x0bb8  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
12:03:35.0245 0x0bb8  NdisWan - ok
12:03:35.0255 0x0bb8  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:03:35.0260 0x0bb8  ndiswanlegacy - ok
12:03:35.0274 0x0bb8  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:03:35.0276 0x0bb8  ndproxy - ok
12:03:35.0290 0x0bb8  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:03:35.0294 0x0bb8  Ndu - ok
12:03:35.0313 0x0bb8  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
12:03:35.0316 0x0bb8  NetAdapterCx - ok
12:03:35.0330 0x0bb8  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
12:03:35.0332 0x0bb8  NetBIOS - ok
12:03:35.0348 0x0bb8  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:03:35.0355 0x0bb8  NetBT - ok
12:03:35.0370 0x0bb8  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:03:35.0374 0x0bb8  Netlogon - ok
12:03:35.0414 0x0bb8  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
12:03:35.0421 0x0bb8  Netman - ok
12:03:35.0467 0x0bb8  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:03:35.0480 0x0bb8  netprofm - ok
12:03:35.0507 0x0bb8  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
12:03:35.0516 0x0bb8  NetSetupSvc - ok
12:03:35.0565 0x0bb8  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:35.0569 0x0bb8  NetTcpPortSharing - ok
12:03:35.0608 0x0bb8  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
12:03:35.0612 0x0bb8  netvsc - ok
12:03:35.0786 0x0bb8  [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
12:03:35.0860 0x0bb8  NETwNe64 - ok
12:03:35.0916 0x0bb8  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
12:03:35.0929 0x0bb8  NgcCtnrSvc - ok
12:03:35.0988 0x0bb8  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
12:03:36.0012 0x0bb8  NgcSvc - ok
12:03:36.0053 0x0bb8  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:03:36.0063 0x0bb8  NlaSvc - ok
12:03:36.0100 0x0bb8  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:03:36.0105 0x0bb8  Npfs - ok
12:03:36.0115 0x0bb8  npggsvc - ok
12:03:36.0131 0x0bb8  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:03:36.0134 0x0bb8  npsvctrig - ok
12:03:36.0149 0x0bb8  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:03:36.0157 0x0bb8  nsi - ok
12:03:36.0167 0x0bb8  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:03:36.0169 0x0bb8  nsiproxy - ok
12:03:36.0270 0x0bb8  [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
12:03:36.0321 0x0bb8  NTFS - ok
12:03:36.0338 0x0bb8  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:03:36.0339 0x0bb8  Null - ok
12:03:36.0361 0x0bb8  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
12:03:36.0363 0x0bb8  nvdimmn - ok
12:03:36.0385 0x0bb8  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:03:36.0388 0x0bb8  nvraid - ok
12:03:36.0412 0x0bb8  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:03:36.0416 0x0bb8  nvstor - ok
12:03:36.0452 0x0bb8  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
12:03:36.0459 0x0bb8  OneSyncSvc - ok
12:03:36.0509 0x0bb8  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:03:36.0518 0x0bb8  p2pimsvc - ok
12:03:36.0558 0x0bb8  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:03:36.0569 0x0bb8  p2psvc - ok
12:03:36.0608 0x0bb8  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:03:36.0610 0x0bb8  Parport - ok
12:03:36.0635 0x0bb8  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:03:36.0639 0x0bb8  partmgr - ok
12:03:36.0672 0x0bb8  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:03:36.0686 0x0bb8  PcaSvc - ok
12:03:36.0702 0x0bb8  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:03:36.0710 0x0bb8  pci - ok
12:03:36.0773 0x0bb8  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:03:36.0775 0x0bb8  pciide - ok
12:03:36.0807 0x0bb8  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:03:36.0815 0x0bb8  pcmcia - ok
12:03:36.0824 0x0bb8  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:03:36.0826 0x0bb8  pcw - ok
12:03:36.0866 0x0bb8  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:03:36.0869 0x0bb8  pdc - ok
12:03:36.0923 0x0bb8  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:03:36.0942 0x0bb8  PEAUTH - ok
12:03:36.0968 0x0bb8  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
12:03:36.0970 0x0bb8  percsas2i - ok
12:03:36.0987 0x0bb8  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
12:03:36.0989 0x0bb8  percsas3i - ok
12:03:37.0079 0x0bb8  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:03:37.0081 0x0bb8  PerfHost - ok
12:03:37.0153 0x0bb8  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
12:03:37.0172 0x0bb8  PhoneSvc - ok
12:03:37.0195 0x0bb8  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:03:37.0201 0x0bb8  PimIndexMaintenanceSvc - ok
12:03:37.0269 0x0bb8  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
12:03:37.0303 0x0bb8  pla - ok
12:03:37.0343 0x0bb8  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:03:37.0348 0x0bb8  PlugPlay - ok
12:03:37.0384 0x0bb8  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
12:03:37.0386 0x0bb8  pmem - ok
12:03:37.0399 0x0bb8  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:03:37.0402 0x0bb8  PNRPAutoReg - ok
12:03:37.0430 0x0bb8  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:03:37.0439 0x0bb8  PNRPsvc - ok
12:03:37.0505 0x0bb8  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:03:37.0517 0x0bb8  PolicyAgent - ok
12:03:37.0553 0x0bb8  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
12:03:37.0558 0x0bb8  Power - ok
12:03:37.0595 0x0bb8  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
12:03:37.0598 0x0bb8  PptpMiniport - ok
12:03:37.0752 0x0bb8  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:03:37.0816 0x0bb8  PrintNotify - ok
12:03:37.0835 0x0bb8  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:03:37.0839 0x0bb8  Processor - ok
12:03:37.0882 0x0bb8  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:03:37.0894 0x0bb8  ProfSvc - ok
12:03:37.0910 0x0bb8  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
12:03:37.0914 0x0bb8  Psched - ok
12:03:37.0926 0x0bb8  [ 2C1686795B9307265F649249AD11D629, 51E4CFA39995B155724CFC9AF45B83F674F300907B2A405F003AE09E7C6F6E1A ] pwftap          C:\WINDOWS\System32\drivers\pwftap.sys
12:03:37.0928 0x0bb8  pwftap - ok
12:03:37.0995 0x0bb8  [ 5960B24813CA497D5E2A51333C5CB826, E977788AD4EFF1C602191A93DE0DE3931B31F61B1AB4BD68FA81C0A39894BE87 ] QHActiveDefense D:\360\Total Security\safemon\QHActiveDefense.exe
12:03:38.0016 0x0bb8  QHActiveDefense - ok
12:03:38.0063 0x0bb8  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:03:38.0072 0x0bb8  QWAVE - ok
12:03:38.0101 0x0bb8  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:03:38.0103 0x0bb8  QWAVEdrv - ok
12:03:38.0131 0x0bb8  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:03:38.0132 0x0bb8  RasAcd - ok
12:03:38.0146 0x0bb8  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
12:03:38.0149 0x0bb8  RasAgileVpn - ok
12:03:38.0186 0x0bb8  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:03:38.0190 0x0bb8  RasAuto - ok
12:03:38.0205 0x0bb8  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
12:03:38.0208 0x0bb8  Rasl2tp - ok
12:03:38.0259 0x0bb8  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:03:38.0280 0x0bb8  RasMan - ok
12:03:38.0303 0x0bb8  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:03:38.0306 0x0bb8  RasPppoe - ok
12:03:38.0324 0x0bb8  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
12:03:38.0327 0x0bb8  RasSstp - ok
12:03:38.0371 0x0bb8  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:03:38.0381 0x0bb8  rdbss - ok
12:03:38.0419 0x0bb8  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:03:38.0420 0x0bb8  rdpbus - ok
12:03:38.0441 0x0bb8  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:03:38.0446 0x0bb8  RDPDR - ok
12:03:38.0491 0x0bb8  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:03:38.0492 0x0bb8  RdpVideoMiniport - ok
12:03:38.0520 0x0bb8  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:03:38.0527 0x0bb8  rdyboost - ok
12:03:38.0598 0x0bb8  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
12:03:38.0638 0x0bb8  ReFS - ok
12:03:38.0685 0x0bb8  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
12:03:38.0706 0x0bb8  ReFSv1 - ok
12:03:38.0758 0x0bb8  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:03:38.0770 0x0bb8  RemoteAccess - ok
12:03:38.0797 0x0bb8  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:03:38.0802 0x0bb8  RemoteRegistry - ok
12:03:38.0850 0x0bb8  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
12:03:38.0865 0x0bb8  RetailDemo - ok
12:03:38.0889 0x0bb8  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
12:03:38.0894 0x0bb8  RmSvc - ok
12:03:38.0929 0x0bb8  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:03:38.0933 0x0bb8  RpcEptMapper - ok
12:03:38.0967 0x0bb8  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:03:38.0969 0x0bb8  RpcLocator - ok
12:03:39.0014 0x0bb8  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:03:39.0039 0x0bb8  RpcSs - ok
12:03:39.0073 0x0bb8  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
12:03:39.0076 0x0bb8  rspndr - ok
12:03:39.0103 0x0bb8  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
12:03:39.0117 0x0bb8  rt640x64 - ok
12:03:39.0160 0x0bb8  [ 4DBBD2B451A2C45536F14FA972DD3E83, 22B47D79452593E57640B70F3A2EAA9D448046BD1BACBFD2851366DD6FC6DCAE ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
12:03:39.0169 0x0bb8  RTSUER - ok
12:03:39.0189 0x0bb8  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:03:39.0190 0x0bb8  s3cap - ok
12:03:39.0221 0x0bb8  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\WINDOWS\system32\lsass.exe
12:03:39.0224 0x0bb8  SamSs - ok
12:03:39.0251 0x0bb8  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:03:39.0254 0x0bb8  sbp2port - ok
12:03:39.0294 0x0bb8  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:03:39.0301 0x0bb8  SCardSvr - ok
12:03:39.0325 0x0bb8  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:03:39.0332 0x0bb8  ScDeviceEnum - ok
12:03:39.0353 0x0bb8  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:03:39.0354 0x0bb8  scfilter - ok
12:03:39.0415 0x0bb8  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:03:39.0436 0x0bb8  Schedule - ok
12:03:39.0452 0x0bb8  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
12:03:39.0455 0x0bb8  scmbus - ok
12:03:39.0476 0x0bb8  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
12:03:39.0481 0x0bb8  SCPolicySvc - ok
12:03:39.0514 0x0bb8  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
12:03:39.0521 0x0bb8  sdbus - ok
12:03:39.0553 0x0bb8  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
12:03:39.0555 0x0bb8  SDFRd - ok
12:03:39.0574 0x0bb8  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
12:03:39.0579 0x0bb8  SDRSVC - ok
12:03:39.0601 0x0bb8  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
12:03:39.0603 0x0bb8  sdstor - ok
12:03:39.0619 0x0bb8  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
12:03:39.0623 0x0bb8  seclogon - ok
12:03:39.0658 0x0bb8  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
12:03:39.0668 0x0bb8  SecurityHealthService - ok
12:03:39.0723 0x0bb8  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
12:03:39.0751 0x0bb8  SEMgrSvc - ok
12:03:39.0779 0x0bb8  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
12:03:39.0783 0x0bb8  SENS - ok
12:03:39.0852 0x0bb8  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:03:39.0881 0x0bb8  SensorDataService - ok
12:03:39.0922 0x0bb8  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\WINDOWS\system32\SensorService.dll
12:03:39.0936 0x0bb8  SensorService - ok
12:03:39.0970 0x0bb8  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
12:03:39.0976 0x0bb8  SensrSvc - ok
12:03:39.0997 0x0bb8  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
12:03:39.0999 0x0bb8  SerCx - ok
12:03:40.0018 0x0bb8  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:03:40.0022 0x0bb8  SerCx2 - ok
12:03:40.0053 0x0bb8  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:03:40.0054 0x0bb8  Serenum - ok
12:03:40.0070 0x0bb8  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:03:40.0073 0x0bb8  Serial - ok
12:03:40.0085 0x0bb8  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:03:40.0087 0x0bb8  sermouse - ok
12:03:40.0145 0x0bb8  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:03:40.0156 0x0bb8  SessionEnv - ok
12:03:40.0169 0x0bb8  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:03:40.0170 0x0bb8  sfloppy - ok
12:03:40.0232 0x0bb8  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:03:40.0245 0x0bb8  SharedAccess - ok
12:03:40.0298 0x0bb8  [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:03:40.0313 0x0bb8  ShellHWDetection - ok
12:03:40.0354 0x0bb8  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
12:03:40.0362 0x0bb8  shpamsvc - ok
12:03:40.0396 0x0bb8  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:03:40.0398 0x0bb8  SiSRaid2 - ok
12:03:40.0410 0x0bb8  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:03:40.0413 0x0bb8  SiSRaid4 - ok
12:03:40.0454 0x0bb8  [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:03:40.0456 0x0bb8  SmbDrvI - ok
12:03:40.0495 0x0bb8  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
12:03:40.0498 0x0bb8  smphost - ok
12:03:40.0536 0x0bb8  [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
12:03:40.0551 0x0bb8  SmsRouter - ok
12:03:40.0604 0x0bb8  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:03:40.0607 0x0bb8  SNMPTRAP - ok
12:03:40.0661 0x0bb8  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:03:40.0675 0x0bb8  spaceport - ok
12:03:40.0737 0x0bb8  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
12:03:40.0740 0x0bb8  SpatialGraphFilter - ok
12:03:40.0761 0x0bb8  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:03:40.0768 0x0bb8  SpbCx - ok
12:03:40.0839 0x0bb8  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
12:03:40.0860 0x0bb8  spectrum - ok
12:03:40.0937 0x0bb8  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:03:40.0962 0x0bb8  Spooler - ok
12:03:41.0129 0x0bb8  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:03:41.0230 0x0bb8  sppsvc - ok
12:03:41.0272 0x0bb8  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:03:41.0282 0x0bb8  srv - ok
12:03:41.0339 0x0bb8  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:03:41.0357 0x0bb8  srv2 - ok
12:03:41.0388 0x0bb8  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:03:41.0394 0x0bb8  srvnet - ok
12:03:41.0434 0x0bb8  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:03:41.0442 0x0bb8  SSDPSRV - ok
12:03:41.0471 0x0bb8  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:03:41.0478 0x0bb8  SstpSvc - ok
12:03:41.0658 0x0bb8  [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:03:41.0775 0x0bb8  StateRepository - ok
12:03:41.0802 0x0bb8  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:03:41.0804 0x0bb8  stexstor - ok
12:03:41.0864 0x0bb8  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:03:41.0880 0x0bb8  stisvc - ok
12:03:41.0937 0x0bb8  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:03:41.0945 0x0bb8  storahci - ok
12:03:41.0978 0x0bb8  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:03:41.0980 0x0bb8  storflt - ok
12:03:42.0004 0x0bb8  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:03:42.0008 0x0bb8  stornvme - ok
12:03:42.0030 0x0bb8  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
12:03:42.0033 0x0bb8  storqosflt - ok
12:03:42.0093 0x0bb8  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:03:42.0112 0x0bb8  StorSvc - ok
12:03:42.0126 0x0bb8  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
12:03:42.0128 0x0bb8  storufs - ok
12:03:42.0142 0x0bb8  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:03:42.0144 0x0bb8  storvsc - ok
12:03:42.0180 0x0bb8  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:03:42.0183 0x0bb8  svsvc - ok
12:03:42.0203 0x0bb8  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:03:42.0204 0x0bb8  swenum - ok
12:03:42.0234 0x0bb8  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
12:03:42.0247 0x0bb8  swprv - ok
12:03:42.0286 0x0bb8  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:03:42.0288 0x0bb8  Synth3dVsc - ok
12:03:42.0339 0x0bb8  [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:03:42.0353 0x0bb8  SynTP - ok
12:03:42.0427 0x0bb8  [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
12:03:42.0439 0x0bb8  SynTPEnhService - ok
12:03:42.0527 0x0bb8  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:03:42.0550 0x0bb8  SysMain - ok
12:03:42.0582 0x0bb8  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:03:42.0591 0x0bb8  SystemEventsBroker - ok
12:03:42.0630 0x0bb8  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:03:42.0635 0x0bb8  TabletInputService - ok
12:03:42.0664 0x0bb8  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:03:42.0673 0x0bb8  TapiSrv - ok
12:03:42.0811 0x0bb8  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:03:42.0868 0x0bb8  Tcpip - ok
12:03:42.0983 0x0bb8  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
12:03:43.0040 0x0bb8  Tcpip6 - ok
12:03:43.0068 0x0bb8  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:03:43.0070 0x0bb8  tcpipreg - ok
12:03:43.0082 0x0bb8  [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:03:43.0085 0x0bb8  tdx - ok
12:03:43.0118 0x0bb8  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:03:43.0119 0x0bb8  terminpt - ok
12:03:43.0171 0x0bb8  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:03:43.0196 0x0bb8  TermService - ok
12:03:43.0218 0x0bb8  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:03:43.0222 0x0bb8  Themes - ok
12:03:43.0258 0x0bb8  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:03:43.0266 0x0bb8  TieringEngineService - ok
12:03:43.0308 0x0bb8  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:03:43.0323 0x0bb8  tiledatamodelsvc - ok
12:03:43.0336 0x0bb8  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
12:03:43.0342 0x0bb8  TimeBrokerSvc - ok
12:03:43.0396 0x0bb8  [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
12:03:43.0422 0x0bb8  TokenBroker - ok
12:03:43.0458 0x0bb8  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:03:43.0463 0x0bb8  TPM - ok
12:03:43.0496 0x0bb8  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks

BlackOnyx · 06.09.2017, 11:10

Code:

ATTFilter

C:\WINDOWS\System32\trkwks.dll
12:03:43.0501 0x0bb8  TrkWks - ok
12:03:43.0550 0x0bb8  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:03:43.0553 0x0bb8  TrustedInstaller - ok
12:03:43.0601 0x0bb8  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
12:03:43.0603 0x0bb8  TsUsbFlt - ok
12:03:43.0616 0x0bb8  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:03:43.0618 0x0bb8  TsUsbGD - ok
12:03:43.0651 0x0bb8  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
12:03:43.0655 0x0bb8  tunnel - ok
12:03:43.0702 0x0bb8  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
12:03:43.0706 0x0bb8  tzautoupdate - ok
12:03:43.0744 0x0bb8  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:03:43.0747 0x0bb8  UASPStor - ok
12:03:43.0777 0x0bb8  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
12:03:43.0781 0x0bb8  UcmCx0101 - ok
12:03:43.0797 0x0bb8  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
12:03:43.0803 0x0bb8  UcmTcpciCx0101 - ok
12:03:43.0833 0x0bb8  [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:03:43.0835 0x0bb8  UcmUcsi - ok
12:03:43.0855 0x0bb8  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
12:03:43.0860 0x0bb8  Ucx01000 - ok
12:03:43.0882 0x0bb8  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
12:03:43.0883 0x0bb8  UdeCx - ok
12:03:43.0907 0x0bb8  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:03:43.0914 0x0bb8  udfs - ok
12:03:43.0927 0x0bb8  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:03:43.0928 0x0bb8  UEFI - ok
12:03:43.0969 0x0bb8  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:03:43.0975 0x0bb8  Ufx01000 - ok
12:03:44.0009 0x0bb8  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:03:44.0011 0x0bb8  UfxChipidea - ok
12:03:44.0034 0x0bb8  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:03:44.0037 0x0bb8  ufxsynopsys - ok
12:03:44.0071 0x0bb8  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:03:44.0074 0x0bb8  UI0Detect - ok
12:03:44.0085 0x0bb8  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:03:44.0087 0x0bb8  umbus - ok
12:03:44.0100 0x0bb8  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:03:44.0102 0x0bb8  UmPass - ok
12:03:44.0145 0x0bb8  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:03:44.0153 0x0bb8  UmRdpService - ok
12:03:44.0202 0x0bb8  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
12:03:44.0230 0x0bb8  UnistoreSvc - ok
12:03:44.0278 0x0bb8  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:03:44.0290 0x0bb8  upnphost - ok
12:03:44.0317 0x0bb8  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
12:03:44.0318 0x0bb8  UrsChipidea - ok
12:03:44.0339 0x0bb8  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
12:03:44.0341 0x0bb8  UrsCx01000 - ok
12:03:44.0349 0x0bb8  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
12:03:44.0350 0x0bb8  UrsSynopsys - ok
12:03:44.0383 0x0bb8  [ FC318082D0793B76C766A8DFD4C247C5, F547C643A16D580BD96BC20DC901A8210875812EDABD57DD65F20A915A877CB3 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:03:44.0387 0x0bb8  usbaudio - ok
12:03:44.0423 0x0bb8  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:03:44.0427 0x0bb8  usbccgp - ok
12:03:44.0453 0x0bb8  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:03:44.0456 0x0bb8  usbcir - ok
12:03:44.0476 0x0bb8  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:03:44.0478 0x0bb8  usbehci - ok
12:03:44.0497 0x0bb8  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:03:44.0509 0x0bb8  usbhub - ok
12:03:44.0550 0x0bb8  [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:03:44.0562 0x0bb8  USBHUB3 - ok
12:03:44.0580 0x0bb8  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:03:44.0581 0x0bb8  usbohci - ok
12:03:44.0590 0x0bb8  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:03:44.0591 0x0bb8  usbprint - ok
12:03:44.0604 0x0bb8  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
12:03:44.0606 0x0bb8  usbser - ok
12:03:44.0627 0x0bb8  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:03:44.0630 0x0bb8  USBSTOR - ok
12:03:44.0646 0x0bb8  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:03:44.0647 0x0bb8  usbuhci - ok
12:03:44.0688 0x0bb8  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:03:44.0697 0x0bb8  USBXHCI - ok
12:03:44.0778 0x0bb8  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
12:03:44.0815 0x0bb8  UserDataSvc - ok
12:03:44.0893 0x0bb8  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
12:03:44.0914 0x0bb8  UserManager - ok
12:03:44.0970 0x0bb8  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
12:03:44.0986 0x0bb8  UsoSvc - ok
12:03:45.0001 0x0bb8  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:03:45.0004 0x0bb8  VaultSvc - ok
12:03:45.0017 0x0bb8  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:03:45.0019 0x0bb8  vdrvroot - ok
12:03:45.0063 0x0bb8  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
12:03:45.0080 0x0bb8  vds - ok
12:03:45.0100 0x0bb8  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:03:45.0105 0x0bb8  VerifierExt - ok
12:03:45.0160 0x0bb8  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:03:45.0177 0x0bb8  vhdmp - ok
12:03:45.0204 0x0bb8  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
12:03:45.0206 0x0bb8  vhf - ok
12:03:45.0248 0x0bb8  [ FF9E47752DE943B35D00E5BC96BDC714, 953A14637E310E27BDBD46B3A711875DBE0963AF185A523BC7E002427EA0E710 ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
12:03:45.0262 0x0bb8  vm331avs - ok
12:03:45.0285 0x0bb8  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:03:45.0288 0x0bb8  vmbus - ok
12:03:45.0297 0x0bb8  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:03:45.0298 0x0bb8  VMBusHID - ok
12:03:45.0317 0x0bb8  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
12:03:45.0319 0x0bb8  vmgid - ok
12:03:45.0354 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
12:03:45.0361 0x0bb8  vmicguestinterface - ok
12:03:45.0373 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
12:03:45.0380 0x0bb8  vmicheartbeat - ok
12:03:45.0392 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
12:03:45.0399 0x0bb8  vmickvpexchange - ok
12:03:45.0420 0x0bb8  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
12:03:45.0428 0x0bb8  vmicrdv - ok
12:03:45.0441 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
12:03:45.0448 0x0bb8  vmicshutdown - ok
12:03:45.0459 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
12:03:45.0466 0x0bb8  vmictimesync - ok
12:03:45.0479 0x0bb8  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
12:03:45.0486 0x0bb8  vmicvmsession - ok
12:03:45.0500 0x0bb8  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
12:03:45.0508 0x0bb8  vmicvss - ok
12:03:45.0531 0x0bb8  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:03:45.0534 0x0bb8  volmgr - ok
12:03:45.0549 0x0bb8  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:03:45.0558 0x0bb8  volmgrx - ok
12:03:45.0576 0x0bb8  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:03:45.0585 0x0bb8  volsnap - ok
12:03:45.0591 0x0bb8  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
12:03:45.0592 0x0bb8  volume - ok
12:03:45.0627 0x0bb8  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:03:45.0629 0x0bb8  vpci - ok
12:03:45.0650 0x0bb8  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:03:45.0654 0x0bb8  vsmraid - ok
12:03:45.0746 0x0bb8  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
12:03:45.0781 0x0bb8  VSS - ok
12:03:45.0802 0x0bb8  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:03:45.0810 0x0bb8  VSTXRAID - ok
12:03:45.0821 0x0bb8  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:03:45.0822 0x0bb8  vwifibus - ok
12:03:45.0843 0x0bb8  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
12:03:45.0845 0x0bb8  vwififlt - ok
12:03:45.0855 0x0bb8  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
12:03:45.0857 0x0bb8  vwifimp - ok
12:03:45.0919 0x0bb8  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
12:03:45.0944 0x0bb8  W32Time - ok
12:03:45.0975 0x0bb8  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:03:45.0977 0x0bb8  WacomPen - ok
12:03:46.0010 0x0bb8  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
12:03:46.0022 0x0bb8  WalletService - ok
12:03:46.0038 0x0bb8  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:03:46.0041 0x0bb8  wanarp - ok
12:03:46.0047 0x0bb8  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:03:46.0049 0x0bb8  wanarpv6 - ok
12:03:46.0119 0x0bb8  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:03:46.0154 0x0bb8  wbengine - ok
12:03:46.0232 0x0bb8  [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:03:46.0255 0x0bb8  WbioSrvc - ok
12:03:46.0290 0x0bb8  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
12:03:46.0294 0x0bb8  wcifs - ok
12:03:46.0361 0x0bb8  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:03:46.0381 0x0bb8  Wcmsvc - ok
12:03:46.0422 0x0bb8  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:03:46.0435 0x0bb8  wcncsvc - ok
12:03:46.0450 0x0bb8  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
12:03:46.0452 0x0bb8  wcnfs - ok
12:03:46.0471 0x0bb8  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:03:46.0473 0x0bb8  WdBoot - ok
12:03:46.0543 0x0bb8  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:03:46.0563 0x0bb8  Wdf01000 - ok
12:03:46.0614 0x0bb8  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:03:46.0628 0x0bb8  WdFilter - ok
12:03:46.0636 0x0bb8  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:03:46.0641 0x0bb8  WdiServiceHost - ok
12:03:46.0647 0x0bb8  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:03:46.0652 0x0bb8  WdiSystemHost - ok
12:03:46.0719 0x0bb8  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:03:46.0736 0x0bb8  wdiwifi - ok
12:03:46.0751 0x0bb8  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:03:46.0755 0x0bb8  WdNisDrv - ok
12:03:46.0787 0x0bb8  WdNisSvc - ok
12:03:46.0815 0x0bb8  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:03:46.0823 0x0bb8  WebClient - ok
12:03:46.0839 0x0bb8  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:03:46.0846 0x0bb8  Wecsvc - ok
12:03:46.0858 0x0bb8  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:03:46.0861 0x0bb8  WEPHOSTSVC - ok
12:03:46.0889 0x0bb8  [ 0941A50663B7F3BAB62687AC0E03A31B, 8AA98C22332217B3996028461747B88274D49B246FA432DB7B7C169527C75D14 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:03:46.0894 0x0bb8  wercplsupport - ok
12:03:46.0927 0x0bb8  [ 8DF4E4631338E8EE7CCDF7D6DC55D3A8, 043D0AF7FD1073603D8586E0BE9646FE3E8679A317AC18845811856A6E5027E1 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:03:46.0934 0x0bb8  WerSvc - ok
12:03:46.0988 0x0bb8  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
12:03:47.0002 0x0bb8  WFDSConMgrSvc - ok
12:03:47.0034 0x0bb8  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
12:03:47.0039 0x0bb8  WFPLWFS - ok
12:03:47.0072 0x0bb8  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:03:47.0076 0x0bb8  WiaRpc - ok
12:03:47.0109 0x0bb8  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:03:47.0111 0x0bb8  WIMMount - ok
12:03:47.0114 0x0bb8  WinDefend - ok
12:03:47.0139 0x0bb8  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:03:47.0141 0x0bb8  WindowsTrustedRT - ok
12:03:47.0154 0x0bb8  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:03:47.0156 0x0bb8  WindowsTrustedRTProxy - ok
12:03:47.0207 0x0bb8  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:03:47.0228 0x0bb8  WinHttpAutoProxySvc - ok
12:03:47.0249 0x0bb8  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
12:03:47.0250 0x0bb8  WinMad - ok
12:03:47.0303 0x0bb8  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:03:47.0309 0x0bb8  Winmgmt - ok
12:03:47.0349 0x0bb8  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
12:03:47.0354 0x0bb8  WinNat - ok
12:03:47.0484 0x0bb8  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:03:47.0548 0x0bb8  WinRM - ok
12:03:47.0569 0x0bb8  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
12:03:47.0572 0x0bb8  WINUSB - ok
12:03:47.0603 0x0bb8  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
12:03:47.0605 0x0bb8  WinVerbs - ok
12:03:47.0658 0x0bb8  [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
12:03:47.0675 0x0bb8  wisvc - ok
12:03:47.0778 0x0bb8  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:03:47.0832 0x0bb8  WlanSvc - ok
12:03:47.0912 0x0bb8  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:03:47.0960 0x0bb8  wlidsvc - ok
12:03:48.0028 0x0bb8  [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
12:03:48.0057 0x0bb8  wlpasvc - ok
12:03:48.0076 0x0bb8  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:03:48.0077 0x0bb8  WmiAcpi - ok
12:03:48.0124 0x0bb8  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:03:48.0132 0x0bb8  wmiApSrv - ok
12:03:48.0162 0x0bb8  WMPNetworkSvc - ok
12:03:48.0185 0x0bb8  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:03:48.0193 0x0bb8  Wof - ok
12:03:48.0274 0x0bb8  [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:03:48.0316 0x0bb8  workfolderssvc - ok
12:03:48.0341 0x0bb8  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:03:48.0345 0x0bb8  WPDBusEnum - ok
12:03:48.0373 0x0bb8  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:03:48.0375 0x0bb8  WpdUpFltr - ok
12:03:48.0405 0x0bb8  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
12:03:48.0415 0x0bb8  WpnService - ok
12:03:48.0433 0x0bb8  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
12:03:48.0437 0x0bb8  WpnUserService - ok
12:03:48.0474 0x0bb8  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:03:48.0475 0x0bb8  ws2ifsl - ok
12:03:48.0492 0x0bb8  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:03:48.0499 0x0bb8  wscsvc - ok
12:03:48.0504 0x0bb8  WSearch - ok
12:03:48.0611 0x0bb8  [ E1E58C86AE73A95329696C675D8C03E6, EF1497AFA6C472EB6C0C0806F1A82B814FB4E9CDF441C155AEC95735384DF878 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:03:48.0666 0x0bb8  wuauserv - ok
12:03:48.0725 0x0bb8  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:03:48.0727 0x0bb8  WudfPf - ok
12:03:48.0742 0x0bb8  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:03:48.0748 0x0bb8  WUDFRd - ok
12:03:48.0762 0x0bb8  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:03:48.0767 0x0bb8  wudfsvc - ok
12:03:48.0810 0x0bb8  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
12:03:48.0817 0x0bb8  WUDFWpdMtp - ok
12:03:48.0886 0x0bb8  [ 46D90B7476CDB119C548D970EF271D34, 0C47D8AB80CF55CC10747DFFB65CED1713160BE3AB1DAED234E9BBADACCBD6D5 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:03:48.0920 0x0bb8  WwanSvc - ok
12:03:48.0955 0x0bb8  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
12:03:48.0964 0x0bb8  xbgm - ok
12:03:49.0009 0x0bb8  [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
12:03:49.0033 0x0bb8  XblAuthManager - ok
12:03:49.0088 0x0bb8  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
12:03:49.0115 0x0bb8  XblGameSave - ok
12:03:49.0159 0x0bb8  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
12:03:49.0166 0x0bb8  xboxgip - ok
12:03:49.0186 0x0bb8  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
12:03:49.0190 0x0bb8  XboxGipSvc - ok
12:03:49.0253 0x0bb8  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
12:03:49.0279 0x0bb8  XboxNetApiSvc - ok
12:03:49.0311 0x0bb8  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
12:03:49.0313 0x0bb8  xinputhid - ok
12:03:49.0339 0x0bb8  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\WINDOWS\System32\drivers\xusb21.sys
12:03:49.0342 0x0bb8  xusb21 - ok
12:03:49.0343 0x0bb8  ================ Scan global ===============================
12:03:49.0387 0x0bb8  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
12:03:49.0415 0x0bb8  [ 961599D817655AB85646C7D56684D2B0, 1614D9EE8F02B8253EF54F26B5EE631FF17ED6504713625DBD3554257C7C50F4 ] C:\WINDOWS\system32\winsrv.dll
12:03:49.0443 0x0bb8  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
12:03:49.0477 0x0bb8  [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\WINDOWS\system32\services.exe
12:03:49.0491 0x0bb8  [ Global ] - ok
12:03:49.0492 0x0bb8  ================ Scan MBR ==================================
12:03:49.0496 0x0bb8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:03:49.0508 0x0bb8  \Device\Harddisk0\DR0 - ok
12:03:49.0522 0x0bb8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:03:49.0528 0x0bb8  \Device\Harddisk1\DR1 - ok
12:03:49.0529 0x0bb8  ================ Scan VBR ==================================
12:03:49.0532 0x0bb8  [ 33AF541345FCC03A6CF6B6BAD5CC5BC5 ] \Device\Harddisk0\DR0\Partition1
12:03:49.0532 0x0bb8  \Device\Harddisk0\DR0\Partition1 - ok
12:03:49.0536 0x0bb8  [ 104AC3587DAE7825C1FA107F5653A1B7 ] \Device\Harddisk0\DR0\Partition2
12:03:49.0537 0x0bb8  \Device\Harddisk0\DR0\Partition2 - ok
12:03:49.0552 0x0bb8  [ 63362A55D73D68B1BE5139508A01B07C ] \Device\Harddisk1\DR1\Partition1
12:03:49.0555 0x0bb8  \Device\Harddisk1\DR1\Partition1 - ok
12:03:49.0564 0x0bb8  [ 85D5F85DC7E80E7527B44A88B460F6C5 ] \Device\Harddisk1\DR1\Partition2
12:03:49.0564 0x0bb8  \Device\Harddisk1\DR1\Partition2 - ok
12:03:49.0571 0x0bb8  [ B208563621391F6F3421D7B04C1759D2 ] \Device\Harddisk1\DR1\Partition3
12:03:49.0573 0x0bb8  \Device\Harddisk1\DR1\Partition3 - ok
12:03:49.0579 0x0bb8  [ B2074CCE40FDB33A78082D74A346EAEC ] \Device\Harddisk1\DR1\Partition4
12:03:49.0582 0x0bb8  \Device\Harddisk1\DR1\Partition4 - ok
12:03:49.0606 0x0bb8  [ DB02CDB36CF742D697E76887A3D994E9 ] \Device\Harddisk1\DR1\Partition5
12:03:49.0609 0x0bb8  \Device\Harddisk1\DR1\Partition5 - ok
12:03:49.0621 0x0bb8  [ A5E893D4D33E15D5E9FC0D3F1FDB9215 ] \Device\Harddisk1\DR1\Partition6
12:03:49.0625 0x0bb8  \Device\Harddisk1\DR1\Partition6 - ok
12:03:49.0625 0x0bb8  ================ Scan generic autorun ======================
12:03:49.0626 0x0bb8  SecurityHealth - ok
12:03:49.0628 0x0bb8  SynTPEnh - ok
12:03:49.0660 0x0bb8  [ 69D50F8B1A5C1DCA66F5FA5A267B44E1, 4C74ED8A8E1FAAD8C5572B3D2260E0F3B2AE379BF1D697DA586D64E23A4B272C ] D:\360\Total Security\safemon\360Tray.exe
12:03:49.0667 0x0bb8  QHSafeTray - ok
12:03:49.0789 0x0bb8  [ 7B8AE5A341FF30BA7204A17F75BF332F, 799CEF54795902036F794DA8D9EB0903B3E0156BB122AB08E7A79E69B910C2E3 ] C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_remove360vpn.bat
12:03:49.0790 0x0bb8  360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803 - ok
12:03:50.0509 0x0bb8  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:03:51.0134 0x0bb8  OneDriveSetup - ok
12:03:51.0803 0x0bb8  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:03:52.0224 0x0bb8  OneDriveSetup - ok
12:03:52.0941 0x0bb8  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:03:53.0367 0x0bb8  OneDriveSetup - ok
12:03:53.0502 0x0bb8  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:03:53.0516 0x0bb8  WAB Migrate - ok
12:03:53.0517 0x0bb8  Waiting for KSN requests completion. In queue: 232
12:03:54.0677 0x0bb8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
12:03:54.0681 0x0bb8  AV detected via SS2: 360 Total Security, D:\360\Total Security\safemon\QHSafeTray.exe ( 9.2.0.1006 ), 0x51000 ( enabled : updated )
12:03:54.0764 0x0bb8  Win FW state via NFP2: enabled ( trusted )
12:03:54.0908 0x0bb8  ============================================================
12:03:54.0908 0x0bb8  Scan finished
12:03:54.0909 0x0bb8  ============================================================
12:03:54.0935 0x1c38  Detected object count: 0
12:03:54.0935 0x1c38  Actual detected object count: 0
12:04:52.0069 0x0948  ============================================================
12:04:52.0069 0x0948  Scan started
12:04:52.0069 0x0948  Mode: Manual; SigCheck; TDLFS; 
12:04:52.0069 0x0948  ============================================================
12:04:52.0069 0x0948  KSN ping started
12:04:52.0117 0x0948  KSN ping finished: true
12:04:53.0218 0x0948  ================ Scan system memory ========================
12:04:53.0218 0x0948  System memory - ok
12:04:53.0223 0x0948  ================ Scan services =============================
12:04:53.0395 0x0948  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:04:53.0479 0x0948  1394ohci - ok
12:04:53.0509 0x0948  [ 86C58DFAD3663061DB053AF86F30619E, DD15CEFD09138C4597CE3F198469FEC2BFA68AD02771FD84CF83A02204D43FE9 ] 360AntiHacker   C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
12:04:53.0534 0x0948  360AntiHacker - ok
12:04:53.0557 0x0948  [ A97716E2D5238E451128908952FFD27E, 078CEBCE0BFFD98AB5E9EA833D55C0D00BC541B4D6358C2E53C2EF27324A1C53 ] 360AvFlt        C:\WINDOWS\system32\DRIVERS\360AvFlt.sys
12:04:53.0571 0x0948  360AvFlt - ok
12:04:53.0609 0x0948  [ AD6E28C62138DF9A5DD514B5B4353CBE, AB67A2D042B92878BED0EA516C6BF5BE4DCC3DC4AC6AD8E31A45D7FC82A9A1A9 ] 360Box64        C:\WINDOWS\system32\DRIVERS\360Box64.sys
12:04:53.0630 0x0948  360Box64 - ok
12:04:53.0640 0x0948  [ 9C0515172F5DDC7313604E40822B21E1, C60FBBF05E63A72D9DF67A633B8AB831DEB2F125549921BED8E662A4BB0BA428 ] 360Camera       C:\WINDOWS\system32\Drivers\360Camera64.sys
12:04:53.0654 0x0948  360Camera - ok
12:04:53.0692 0x0948  [ C76E1DB033557C6196B1321DFE0F1FEF, CAA14F7D000FA7CC0678DF367F67513571F44950513B40A111B82B76263DA7A3 ] 360FsFlt        C:\WINDOWS\system32\DRIVERS\360FsFlt.sys
12:04:53.0715 0x0948  360FsFlt - ok
12:04:53.0744 0x0948  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:04:53.0763 0x0948  3ware - ok
12:04:53.0811 0x0948  [ AC251B31370C1E00F577928260B8939F, D60946F1C43A8C2B9C989A1E259FDA44055F94766615F344CF8E28A7F104BC70 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:04:53.0849 0x0948  ACPI - ok
12:04:53.0869 0x0948  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
12:04:53.0889 0x0948  AcpiDev - ok
12:04:53.0905 0x0948  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:04:53.0924 0x0948  acpiex - ok
12:04:53.0937 0x0948  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:04:53.0957 0x0948  acpipagr - ok
12:04:53.0987 0x0948  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:04:54.0005 0x0948  AcpiPmi - ok
12:04:54.0020 0x0948  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:04:54.0039 0x0948  acpitime - ok
12:04:54.0073 0x0948  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
12:04:54.0086 0x0948  ACPIVPC - ok
12:04:54.0186 0x0948  [ FAE473043FC45F5A8CAECBA72BFD865A, BDC4A581909F2027C5851ECA911154677BEBFC938E5F57534BDD4C3D6E8D9DED ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:04:54.0225 0x0948  AdobeFlashPlayerUpdateSvc - ok
12:04:54.0295 0x0948  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:04:54.0348 0x0948  ADP80XX - ok
12:04:54.0387 0x0948  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:04:54.0424 0x0948  AFD - ok
12:04:54.0459 0x0948  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:04:54.0496 0x0948  ahcache - ok
12:04:54.0533 0x0948  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
12:04:54.0556 0x0948  AJRouter - ok
12:04:54.0590 0x0948  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
12:04:54.0613 0x0948  ALG - ok
12:04:54.0634 0x0948  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:04:54.0663 0x0948  AmdK8 - ok
12:04:54.0682 0x0948  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:04:54.0709 0x0948  AmdPPM - ok
12:04:54.0726 0x0948  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:04:54.0743 0x0948  amdsata - ok
12:04:54.0770 0x0948  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:04:54.0794 0x0948  amdsbs - ok
12:04:54.0805 0x0948  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:04:54.0820 0x0948  amdxata - ok
12:04:54.0840 0x0948  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:04:54.0862 0x0948  AppID - ok
12:04:54.0899 0x0948  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:04:54.0924 0x0948  AppIDSvc - ok
12:04:54.0944 0x0948  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:04:54.0973 0x0948  Appinfo - ok
12:04:54.0989 0x0948  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
12:04:55.0021 0x0948  applockerfltr - ok
12:04:55.0066 0x0948  [ 91DB5775249920FD245851E0BC97D8C4, FCB53766AB377EF2E385CD2F6D0D2CEF485C07A5EAAB68FB1C798E6264832386 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:04:55.0118 0x0948  AppReadiness - ok
12:04:55.0220 0x0948  [ A61222D41CE44B0C3592CEB57AB20B71, F7A136EF4850D76AF1868A8C93C201B3B00FCA1D9EDE77F65BAD04530CC84221 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:04:55.0358 0x0948  AppXSvc - ok
12:04:55.0381 0x0948  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:04:55.0400 0x0948  arcsas - ok
12:04:55.0418 0x0948  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
12:04:55.0439 0x0948  AsyncMac - ok
12:04:55.0473 0x0948  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:04:55.0488 0x0948  atapi - ok
12:04:55.0521 0x0948  [ 329F315D04B64BC185A59FE17A2AD6CE, B9721AD1641E3E96D1C07294884506EBED5D05921A9F9FC263711C28AD040693 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:04:55.0566 0x0948  AudioEndpointBuilder - ok
12:04:55.0640 0x0948  [ 67ADB26CC1B504E9566B9106277DE92B, AF137C9FE9B3A231C7662F2E59EF12482396CFD8AC020DF6BDBFDD9A1209A98D ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:04:55.0715 0x0948  Audiosrv - ok
12:04:55.0746 0x0948  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        
C:\WINDOWS\System32\AxInstSV.dll
12:04:55.0771 0x0948  AxInstSV - ok
12:04:55.0819 0x0948  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:04:55.0853 0x0948  b06bdrv - ok
12:04:55.0882 0x0948  [ 05E43AC1A9E9E618367923549B459B06, 17800299DABAC13ADB30FAA2C99D1D2CE90982E3352E2C4273CD42140BE8AF9E ] BAPIDRV         C:\WINDOWS\system32\DRIVERS\BAPIDRV64.sys
12:04:55.0898 0x0948  BAPIDRV - ok
12:04:55.0916 0x0948  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:04:55.0939 0x0948  BasicDisplay - ok
12:04:55.0962 0x0948  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:04:55.0981 0x0948  BasicRender - ok
12:04:55.0998 0x0948  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:04:56.0017 0x0948  bcmfn2 - ok
12:04:56.0045 0x0948  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:04:56.0080 0x0948  BDESVC - ok
12:04:56.0111 0x0948  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:04:56.0144 0x0948  Beep - ok
12:04:56.0187 0x0948  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
12:04:56.0239 0x0948  BFE - ok
12:04:56.0325 0x0948  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
12:04:56.0393 0x0948  BITS - ok
12:04:56.0408 0x0948  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:04:56.0431 0x0948  bowser - ok
12:04:56.0504 0x0948  [ 06373FF017097FD40D60219980871FA0, 9366823AA3C248DD06FBFA237DCFDB2A9B7F93BA7115D235792DD81DDDA79C1F ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:04:56.0574 0x0948  BrokerInfrastructure - ok
12:04:56.0613 0x0948  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
12:04:56.0644 0x0948  Browser - ok
12:04:56.0715 0x0948  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:04:56.0760 0x0948  BthAvrcpTg - ok
12:04:56.0793 0x0948  [ E1E55BA45510B2B0309E2C77ABEB1BFE, EA7BDEC354190F1033B14847606220D414C1A52C938C9327A4765032D28B6960 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:04:56.0833 0x0948  BthHFEnum - ok
12:04:56.0869 0x0948  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:04:56.0890 0x0948  bthhfhid - ok
12:04:56.0941 0x0948  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
12:04:56.0979 0x0948  BthHFSrv - ok
12:04:56.0996 0x0948  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:04:57.0017 0x0948  BTHMODEM - ok
12:04:57.0082 0x0948  [ 27B7348B88DE2F93C4FB4D53EC469AB0, 6B36724956C6A8AC453F279AF4CF70FD12BD57DFC68D880EBD84DFFDABF499BD ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
12:04:57.0159 0x0948  BTHPORT - ok
12:04:57.0179 0x0948  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:04:57.0208 0x0948  bthserv - ok
12:04:57.0251 0x0948  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
12:04:57.0280 0x0948  BTHUSB - ok
12:04:57.0294 0x0948  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
12:04:57.0322 0x0948  buttonconverter - ok
12:04:57.0343 0x0948  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
12:04:57.0359 0x0948  CAD - ok
12:04:57.0401 0x0948  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
12:04:57.0427 0x0948  CapImg - ok
12:04:57.0448 0x0948  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:04:57.0475 0x0948  cdfs - ok
12:04:57.0528 0x0948  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
12:04:57.0596 0x0948  CDPSvc - ok
12:04:57.0644 0x0948  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
12:04:57.0693 0x0948  CDPUserSvc - ok
12:04:57.0708 0x0948  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:04:57.0739 0x0948  cdrom - ok
12:04:57.0785 0x0948  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:04:57.0814 0x0948  CertPropSvc - ok
12:04:57.0855 0x0948  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
12:04:57.0883 0x0948  cht4iscsi - ok
12:04:57.0965 0x0948  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
12:04:58.0046 0x0948  cht4vbd - ok
12:04:58.0084 0x0948  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:04:58.0107 0x0948  circlass - ok
12:04:58.0119 0x0948  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
12:04:58.0152 0x0948  CldFlt - ok
12:04:58.0189 0x0948  [ AF0BF03C8574DD026FAF9A82A64C2D04, 363BF0C42181FA4CFBC3DB504F48496D62023F0E4A858DC8F739C08CC5AFA228 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:04:58.0217 0x0948  CLFS - ok
12:04:58.0262 0x0948  [ F34283DE289AF82A97BCE6563D1E2BB4, 9725D041322AF70030E11EEF0FDB7D01FF2CF105FD90A4AF08F71E54725234C9 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
12:04:58.0309 0x0948  ClipSVC - ok
12:04:58.0316 0x0948  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
12:04:58.0335 0x0948  clreg - ok
12:04:58.0360 0x0948  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:04:58.0379 0x0948  CmBatt - ok
12:04:58.0412 0x0948  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:04:58.0451 0x0948  CNG - ok
12:04:58.0467 0x0948  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
12:04:58.0484 0x0948  cnghwassist - ok
12:04:58.0558 0x0948  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
12:04:58.0591 0x0948  CompositeBus - ok
12:04:58.0598 0x0948  COMSysApp - ok
12:04:58.0605 0x0948  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:04:58.0623 0x0948  condrv - ok
12:04:58.0672 0x0948  [ 9B7A6AD43CAA322C4E04B4E52FD7CDAD, D59F55602C273372F8787B35AC62192ED99CAD72BFF8BF03DF7BDD9E9BC37EE4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
12:04:58.0715 0x0948  CoreMessagingRegistrar - ok
12:04:58.0821 0x0948  [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:04:59.0372 0x0948  cphs - ok
12:04:59.0408 0x0948  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:04:59.0502 0x0948  CryptSvc - ok
12:04:59.0542 0x0948  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:04:59.0562 0x0948  dam - ok
12:04:59.0608 0x0948  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:04:59.0674 0x0948  DcomLaunch - ok
12:04:59.0699 0x0948  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:04:59.0754 0x0948  defragsvc - ok
12:04:59.0801 0x0948  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:04:59.0842 0x0948  DeviceAssociationService - ok
12:04:59.0879 0x0948  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:04:59.0917 0x0948  DeviceInstall - ok
12:04:59.0951 0x0948  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
12:05:00.0006 0x0948  DevicesFlowUserSvc - ok
12:05:00.0025 0x0948  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
12:05:00.0047 0x0948  DevQueryBroker - ok
12:05:00.0359 0x0948  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:05:00.0415 0x0948  Dfsc - ok
12:05:00.0455 0x0948  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:05:00.0499 0x0948  Dhcp - ok
12:05:00.0541 0x0948  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
12:05:00.0567 0x0948  diagnosticshub.standardcollector.service - ok
12:05:00.0666 0x0948  [ 7AA8614A390EE2FB79BDD11154CF1A61, 32B27D6C010AAB3FF9E1FBCE2E750042A1EBB0736821B1EF3BB8D979892F85B5 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
12:05:00.0804 0x0948  DiagTrack - ok
12:05:00.0815 0x0948  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
12:05:00.0834 0x0948  Disk - ok
12:05:00.0883 0x0948  [ 8BCFD0A4900E197DFA8679A13128EC79, DF09F3996F25F025E171DF3EF068BB9AC2DEC79BFCBCA5D58E9158CD7AD785B6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
12:05:00.0954 0x0948  DmEnrollmentSvc - ok
12:05:00.0979 0x0948  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:05:00.0999 0x0948  dmvsc - ok
12:05:01.0020 0x0948  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
12:05:01.0056 0x0948  dmwappushservice - ok
12:05:01.0091 0x0948  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:05:01.0125 0x0948  Dnscache - ok
12:05:01.0148 0x0948  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:05:01.0181 0x0948  dot3svc - ok
12:05:01.0203 0x0948  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
12:05:01.0235 0x0948  DPS - ok
12:05:01.0275 0x0948  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
12:05:01.0304 0x0948  drmkaud - ok
12:05:01.0345 0x0948  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:05:01.0381 0x0948  DsmSvc - ok
12:05:01.0402 0x0948  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
12:05:01.0432 0x0948  DsSvc - ok
12:05:01.0460 0x0948  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
12:05:01.0473 0x0948  dtlitescsibus - ok
12:05:01.0487 0x0948  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\WINDOWS\System32\drivers\dtliteusbbus.sys
12:05:01.0499 0x0948  dtliteusbbus - ok
12:05:01.0521 0x0948  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
12:05:01.0569 0x0948  DusmSvc - ok
12:05:01.0690 0x0948  [ F1D8A5A6C39586717822C2AAB70663F4, 527CC5D18DF9B114352B49AC0645831C6C4F3FFA76692BDC2D9A90E9D14E5000 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:05:01.0807 0x0948  DXGKrnl - ok
12:05:01.0843 0x0948  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:05:01.0881 0x0948  EapHost - ok
12:05:02.0029 0x0948  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:05:02.0190 0x0948  ebdrv - ok
12:05:02.0223 0x0948  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\WINDOWS\System32\lsass.exe
12:05:02.0241 0x0948  EFS - ok
12:05:02.0257 0x0948  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:05:02.0276 0x0948  EhStorClass - ok
12:05:02.0295 0x0948  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:05:02.0314 0x0948  EhStorTcgDrv - ok
12:05:02.0339 0x0948  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
12:05:02.0367 0x0948  embeddedmode - ok
12:05:02.0407 0x0948  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
12:05:02.0444 0x0948  EntAppSvc - ok
12:05:02.0464 0x0948  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:05:02.0484 0x0948  ErrDev - ok
12:05:02.0536 0x0948  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
12:05:02.0574 0x0948  EventSystem - ok
12:05:02.0603 0x0948  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:05:02.0640 0x0948  exfat - ok
12:05:02.0670 0x0948  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:05:02.0699 0x0948  fastfat - ok
12:05:02.0745 0x0948  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:05:02.0794 0x0948  Fax - ok
12:05:02.0808 0x0948  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:05:02.0829 0x0948  fdc - ok
12:05:02.0871 0x0948  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:05:02.0900 0x0948  fdPHost - ok
12:05:02.0910 0x0948  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:05:02.0936 0x0948  FDResPub - ok
12:05:02.0957 0x0948  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:05:02.0987 0x0948  fhsvc - ok
12:05:03.0024 0x0948  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
12:05:03.0045 0x0948  FileCrypt - ok
12:05:03.0056 0x0948  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:05:03.0075 0x0948  FileInfo - ok
12:05:03.0088 0x0948  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:05:03.0114 0x0948  Filetrace - ok
12:05:03.0143 0x0948  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:05:03.0163 0x0948  flpydisk - ok
12:05:03.0179 0x0948  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:05:03.0208 0x0948  FltMgr - ok
12:05:03.0305 0x0948  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:05:03.0428 0x0948  FontCache - ok
12:05:03.0510 0x0948  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:05:03.0549 0x0948  FontCache3.0.0.0 - ok
12:05:03.0602 0x0948  [ 58811D00A582A89B7839B4B2CE7302BE, D2B6C197BD257B462FC3E8E7A8E7C3F910282FDAA61DB00ADB64DA0698C203C7 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
12:05:03.0651 0x0948  FrameServer - ok
12:05:03.0672 0x0948  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:05:03.0689 0x0948  FsDepends - ok
12:05:03.0706 0x0948  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:05:03.0722 0x0948  Fs_Rec - ok
12:05:03.0764 0x0948  [ 560AE7760EC108F92D2EA8638CC805CF, 6DA48D05641367477315B26A4466EF41BBB3896EF3DB0C050B86033C39C38C4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:05:03.0805 0x0948  fvevol - ok
12:05:03.0842 0x0948  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:05:03.0862 0x0948  gencounter - ok
12:05:03.0881 0x0948  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
12:05:03.0901 0x0948  genericusbfn - ok
12:05:03.0921 0x0948  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:05:03.0943 0x0948  GPIOClx0101 - ok
12:05:04.0009 0x0948  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:05:04.0083 0x0948  gpsvc - ok
12:05:04.0100 0x0948  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
12:05:04.0135 0x0948  GpuEnergyDrv - ok
12:05:04.0223 0x0948  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:04.0249 0x0948  gupdate - ok
12:05:04.0257 0x0948  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:04.0271 0x0948  gupdatem - ok
12:05:04.0320 0x0948  [ BF14976E8223D334B21792FB8B74D7FF, 0939B6605E9BCE2EC888AF3F3DA953351AB56E993B2C8BC6A6DC577D287811FD ] HdAudAddService C:\WINDOWS\System32\drivers\HdAudio.sys
12:05:04.0357 0x0948  HdAudAddService - ok
12:05:04.0397 0x0948  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:05:04.0421 0x0948  HDAudBus - ok
12:05:04.0432 0x0948  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:05:04.0448 0x0948  HidBatt - ok
12:05:04.0467 0x0948  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:05:04.0490 0x0948  HidBth - ok
12:05:04.0508 0x0948  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:05:04.0530 0x0948  hidi2c - ok
12:05:04.0549 0x0948  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
12:05:04.0566 0x0948  hidinterrupt - ok
12:05:04.0596 0x0948  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:05:04.0618 0x0948  HidIr - ok
12:05:04.0654 0x0948  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:05:04.0675 0x0948  hidserv - ok
12:05:04.0684 0x0948  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:05:04.0704 0x0948  HidUsb - ok
12:05:04.0737 0x0948  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:05:04.0769 0x0948  HomeGroupListener - ok
12:05:04.0811 0x0948  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:05:04.0854 0x0948  HomeGroupProvider - ok
12:05:04.0873 0x0948  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:05:04.0890 0x0948  HpSAMD - ok
12:05:04.0937 0x0948  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:05:05.0006 0x0948  HTTP - ok
12:05:05.0039 0x0948  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
12:05:05.0057 0x0948  HvHost - ok
12:05:05.0097 0x0948  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
12:05:05.0115 0x0948  hvservice - ok
12:05:05.0127 0x0948  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:05:05.0143 0x0948  hwpolicy - ok
12:05:05.0154 0x0948  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:05:05.0175 0x0948  hyperkbd - ok
12:05:05.0197 0x0948  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:05:05.0221 0x0948  i8042prt - ok
12:05:05.0236 0x0948  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
12:05:05.0256 0x0948  iagpio - ok
12:05:05.0269 0x0948  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
12:05:05.0291 0x0948  iai2c - ok
12:05:05.0309 0x0948  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
12:05:05.0332 0x0948  iaLPSS2i_GPIO2 - ok
12:05:05.0347 0x0948  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
12:05:05.0370 0x0948  iaLPSS2i_GPIO2_BXT_P - ok
12:05:05.0394 0x0948  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
12:05:05.0422 0x0948  iaLPSS2i_I2C - ok
12:05:05.0439 0x0948  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
12:05:05.0465 0x0948  iaLPSS2i_I2C_BXT_P - ok
12:05:05.0486 0x0948  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:05:05.0500 0x0948  iaLPSSi_GPIO - ok
12:05:05.0520 0x0948  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:05:05.0545 0x0948  iaLPSSi_I2C - ok
12:05:05.0580 0x0948  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:05:05.0620 0x0948  iaStorAV - ok
12:05:05.0652 0x0948  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:05:05.0681 0x0948  iaStorV - ok
12:05:05.0713 0x0948  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
12:05:05.0747 0x0948  ibbus - ok
12:05:05.0770 0x0948  [ 62F0CB0A54EAF37E15EC385300957BB8, 55FCF7068D84D5AEEAF3149A5349BF13F1D18E34956217916ED7C1950885E63C ] ibtfltcoex      C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys
12:05:05.0785 0x0948  ibtfltcoex - ok
12:05:05.0822 0x0948  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:05:05.0853 0x0948  icssvc - ok
12:05:05.0999 0x0948  [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:05:06.0292 0x0948  igfx - ok
12:05:06.0337 0x0948  [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
12:05:06.0364 0x0948  igfxCUIService1.0.0.0 - ok
12:05:06.0436 0x0948  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:05:06.0503 0x0948  IKEEXT - ok
12:05:06.0541 0x0948  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
12:05:06.0562 0x0948  IndirectKmd - ok
12:05:06.0596 0x0948  [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:05:06.0612 0x0948  intaud_WaveExtensible - ok
12:05:06.0649 0x0948  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:05:06.0677 0x0948  IntcDAud - ok
12:05:06.0712 0x0948  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:05:06.0728 0x0948  intelide - ok
12:05:06.0750 0x0948  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:05:06.0769 0x0948  intelpep - ok
12:05:06.0784 0x0948  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
12:05:06.0814 0x0948  intelppm - ok
12:05:06.0831 0x0948  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
12:05:06.0849 0x0948  iorate - ok
12:05:06.0870 0x0948  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:05:06.0896 0x0948  IpFilterDriver - ok
12:05:06.0967 0x0948  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:05:07.0047 0x0948  iphlpsvc - ok
12:05:07.0061 0x0948  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
12:05:07.0078 0x0948  IPMIDRV - ok
12:05:07.0119 0x0948  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
12:05:07.0149 0x0948  IPNAT - ok
12:05:07.0163 0x0948  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
12:05:07.0198 0x0948  IpxlatCfgSvc - ok
12:05:07.0210 0x0948  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
12:05:07.0237 0x0948  irda - ok
12:05:07.0245 0x0948  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
12:05:07.0268 0x0948  IRENUM - ok
12:05:07.0285 0x0948  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
12:05:07.0307 0x0948  irmon - ok
12:05:07.0341 0x0948  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
12:05:07.0356 0x0948  isapnp - ok
12:05:07.0389 0x0948  [ 618707F3F742BF67AB578808171F60EB, AC9322483A450856B60F61D0CC58380148C52451863364C6FF3A2FAB4173A7A5 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
12:05:07.0415 0x0948  iScsiPrt - ok
12:05:07.0432 0x0948  [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
12:05:07.0446 0x0948  iwdbus - ok
12:05:07.0466 0x0948  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
12:05:07.0484 0x0948  kbdclass - ok
12:05:07.0490 0x0948  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
12:05:07.0512 0x0948  kbdhid - ok
12:05:07.0525 0x0948  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
12:05:07.0548 0x0948  kdnic - ok
12:05:07.0560 0x0948  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\WINDOWS\system32\lsass.exe
12:05:07.0579 0x0948  KeyIso - ok
12:05:07.0601 0x0948  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
12:05:07.0621 0x0948  KSecDD - ok
12:05:07.0630 0x0948  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
12:05:07.0651 0x0948  KSecPkg - ok
12:05:07.0681 0x0948  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
12:05:07.0703 0x0948  ksthunk - ok
12:05:07.0745 0x0948  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
12:05:07.0783 0x0948  KtmRm - ok
12:05:07.0816 0x0948  [ ECFFCC67C47A86CA32D0953428699210, F5A06E82FDC092549623FD41C82B082092529808BA12339DE5B1D72B9B12072D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
12:05:07.0853 0x0948  LanmanServer - ok
12:05:07.0881 0x0948  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
12:05:07.0917 0x0948  LanmanWorkstation - ok
12:05:07.0953 0x0948  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
12:05:07.0976 0x0948  lfsvc - ok
12:05:07.0995 0x0948  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
12:05:08.0017 0x0948  LicenseManager - ok
12:05:08.0048 0x0948  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
12:05:08.0082 0x0948  lltdio - ok
12:05:08.0104 0x0948  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
12:05:08.0150 0x0948  lltdsvc - ok
12:05:08.0184 0x0948  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
12:05:08.0207 0x0948  lmhosts - ok
12:05:08.0227 0x0948  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
12:05:08.0247 0x0948  LSI_SAS - ok
12:05:08.0281 0x0948  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
12:05:08.0301 0x0948  LSI_SAS2i - ok
12:05:08.0323 0x0948  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
12:05:08.0342 0x0948  LSI_SAS3i - ok
12:05:08.0356 0x0948  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
12:05:08.0376 0x0948  LSI_SSS - ok
12:05:08.0425 0x0948  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
12:05:08.0480 0x0948  LSM - ok
12:05:08.0496 0x0948  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
12:05:08.0526 0x0948  luafv - ok
12:05:08.0578 0x0948  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
12:05:08.0624 0x0948  MapsBroker - ok
12:05:08.0649 0x0948  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
12:05:08.0678 0x0948  mausbhost - ok
12:05:08.0695 0x0948  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
12:05:08.0712 0x0948  mausbip - ok
12:05:08.0725 0x0948  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
12:05:08.0741 0x0948  megasas - ok
12:05:08.0761 0x0948  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
12:05:08.0778 0x0948  megasas2i - ok
12:05:08.0810 0x0948  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
12:05:08.0847 0x0948  megasr - ok
12:05:08.0889 0x0948  [ 034338E2F6F123727F7C351152B084AF, B1E120E838CC8A882FC0C4C5F6D6016E11DD3D067E31B27E532BAD11A5976230 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
12:05:08.0913 0x0948  MEIx64 - ok
12:05:08.0934 0x0948  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
12:05:08.0959 0x0948  MessagingService - ok
12:05:08.0995 0x0948  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
12:05:09.0042 0x0948  mlx4_bus - ok
12:05:09.0060 0x0948  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
12:05:09.0081 0x0948  MMCSS - ok
12:05:09.0113 0x0948  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
12:05:09.0137 0x0948  Modem - ok
12:05:09.0149 0x0948  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
12:05:09.0170 0x0948  monitor - ok
12:05:09.0194 0x0948  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys
12:05:09.0232 0x0948  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
12:05:09.0232 0x0948  Detect skipped due to KSN trusted
12:05:09.0232 0x0948  MotioninJoyXFilter - ok
12:05:09.0239 0x0948  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
12:05:09.0256 0x0948  mouclass - ok
12:05:09.0262 0x0948  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
12:05:09.0282 0x0948  mouhid - ok
12:05:09.0290 0x0948  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
12:05:09.0308 0x0948  mountmgr - ok
12:05:09.0346 0x0948  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:05:09.0364 0x0948  MozillaMaintenance - ok
12:05:09.0379 0x0948  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
12:05:09.0401 0x0948  mpsdrv - ok
12:05:09.0451 0x0948  [ 97106D80FD861D5762D5B93D1058D053, 4236FD178ECFC8978FFB3FC0890F357BB4AE10F88AF696617CCD24D93360BA3C ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
12:05:09.0517 0x0948  MpsSvc - ok
12:05:09.0544 0x0948  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
12:05:09.0574 0x0948  MRxDAV - ok
12:05:09.0606 0x0948  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:05:09.0638 0x0948  mrxsmb - ok
12:05:09.0679 0x0948  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10

BlackOnyx · 06.09.2017, 11:15

Code:

ATTFilter

C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
12:05:09.0711 0x0948  mrxsmb10 - ok
12:05:09.0753 0x0948  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
12:05:09.0784 0x0948  mrxsmb20 - ok
12:05:09.0810 0x0948  [ 44A8A52763381E5DCAE122330191493C, 578630611F151C6D20D52145312F4A824C6FF80E27F282A2109BA6E54FDDC9BB ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
12:05:09.0845 0x0948  MsBridge - ok
12:05:09.0889 0x0948  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
12:05:09.0926 0x0948  MSDTC - ok
12:05:09.0938 0x0948  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:05:09.0958 0x0948  Msfs - ok
12:05:09.0992 0x0948  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
12:05:10.0009 0x0948  msgpiowin32 - ok
12:05:10.0018 0x0948  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
12:05:10.0036 0x0948  mshidkmdf - ok
12:05:10.0047 0x0948  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
12:05:10.0067 0x0948  mshidumdf - ok
12:05:10.0072 0x0948  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
12:05:10.0088 0x0948  msisadrv - ok
12:05:10.0119 0x0948  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
12:05:10.0162 0x0948  MSiSCSI - ok
12:05:10.0166 0x0948  msiserver - ok
12:05:10.0194 0x0948  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
12:05:10.0217 0x0948  MSKSSRV - ok
12:05:10.0240 0x0948  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
12:05:10.0264 0x0948  MsLldp - ok
12:05:10.0287 0x0948  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
12:05:10.0321 0x0948  MSPCLOCK - ok
12:05:10.0330 0x0948  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
12:05:10.0364 0x0948  MSPQM - ok
12:05:10.0379 0x0948  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
12:05:10.0407 0x0948  MsRPC - ok
12:05:10.0427 0x0948  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
12:05:10.0443 0x0948  mssmbios - ok
12:05:10.0453 0x0948  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
12:05:10.0486 0x0948  MSTEE - ok
12:05:10.0505 0x0948  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
12:05:10.0524 0x0948  MTConfig - ok
12:05:10.0532 0x0948  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
12:05:10.0553 0x0948  Mup - ok
12:05:10.0565 0x0948  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
12:05:10.0582 0x0948  mvumis - ok
12:05:10.0615 0x0948  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
12:05:10.0663 0x0948  NativeWifiP - ok
12:05:10.0721 0x0948  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
12:05:10.0786 0x0948  NaturalAuthentication - ok
12:05:10.0805 0x0948  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
12:05:10.0832 0x0948  NcaSvc - ok
12:05:10.0850 0x0948  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
12:05:10.0887 0x0948  NcbService - ok
12:05:10.0895 0x0948  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
12:05:10.0925 0x0948  NcdAutoSetup - ok
12:05:10.0943 0x0948  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
12:05:10.0961 0x0948  ndfltr - ok
12:05:11.0027 0x0948  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
12:05:11.0098 0x0948  NDIS - ok
12:05:11.0115 0x0948  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
12:05:11.0150 0x0948  NdisCap - ok
12:05:11.0180 0x0948  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
12:05:11.0217 0x0948  NdisImPlatform - ok
12:05:11.0232 0x0948  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:05:11.0270 0x0948  NdisTapi - ok
12:05:11.0286 0x0948  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
12:05:11.0308 0x0948  Ndisuio - ok
12:05:11.0322 0x0948  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
12:05:11.0343 0x0948  NdisVirtualBus - ok
12:05:11.0369 0x0948  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
12:05:11.0411 0x0948  NdisWan - ok
12:05:11.0422 0x0948  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:05:11.0462 0x0948  ndiswanlegacy - ok
12:05:11.0480 0x0948  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
12:05:11.0516 0x0948  ndproxy - ok
12:05:11.0540 0x0948  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:05:11.0578 0x0948  Ndu - ok
12:05:11.0596 0x0948  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
12:05:11.0630 0x0948  NetAdapterCx - ok
12:05:11.0646 0x0948  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
12:05:11.0663 0x0948  NetBIOS - ok
12:05:11.0687 0x0948  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:05:11.0729 0x0948  NetBT - ok
12:05:11.0743 0x0948  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:05:11.0759 0x0948  Netlogon - ok
12:05:11.0797 0x0948  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
12:05:11.0830 0x0948  Netman - ok
12:05:11.0874 0x0948  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
12:05:11.0930 0x0948  netprofm - ok
12:05:11.0957 0x0948  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
12:05:11.0989 0x0948  NetSetupSvc - ok
12:05:12.0037 0x0948  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:05:12.0074 0x0948  NetTcpPortSharing - ok
12:05:12.0113 0x0948  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
12:05:12.0138 0x0948  netvsc - ok
12:05:12.0266 0x0948  [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
12:05:12.0457 0x0948  NETwNe64 - ok
12:05:12.0510 0x0948  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
12:05:12.0553 0x0948  NgcCtnrSvc - ok
12:05:12.0614 0x0948  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
12:05:12.0684 0x0948  NgcSvc - ok
12:05:12.0725 0x0948  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
12:05:12.0775 0x0948  NlaSvc - ok
12:05:12.0814 0x0948  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:05:12.0836 0x0948  Npfs - ok
12:05:12.0840 0x0948  npggsvc - ok
12:05:12.0858 0x0948  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
12:05:12.0879 0x0948  npsvctrig - ok
12:05:12.0885 0x0948  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
12:05:12.0907 0x0948  nsi - ok
12:05:12.0917 0x0948  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
12:05:12.0939 0x0948  nsiproxy - ok
12:05:13.0040 0x0948  [ 075F8C81457804BB79DD33FE69A96C57, EFAA1C6CEEC995E87EB15DA40178EA3534A73C8F6ADCF5F3FEC1C7BB99B78687 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
12:05:13.0158 0x0948  NTFS - ok
12:05:13.0187 0x0948  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:05:13.0207 0x0948  Null - ok
12:05:13.0221 0x0948  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
12:05:13.0244 0x0948  nvdimmn - ok
12:05:13.0268 0x0948  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
12:05:13.0288 0x0948  nvraid - ok
12:05:13.0305 0x0948  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
12:05:13.0326 0x0948  nvstor - ok
12:05:13.0367 0x0948  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
12:05:13.0416 0x0948  OneSyncSvc - ok
12:05:13.0458 0x0948  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
12:05:13.0493 0x0948  p2pimsvc - ok
12:05:13.0518 0x0948  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
12:05:13.0558 0x0948  p2psvc - ok
12:05:13.0579 0x0948  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
12:05:13.0602 0x0948  Parport - ok
12:05:13.0617 0x0948  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:05:13.0638 0x0948  partmgr - ok
12:05:13.0666 0x0948  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
12:05:13.0701 0x0948  PcaSvc - ok
12:05:13.0716 0x0948  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
12:05:13.0743 0x0948  pci - ok
12:05:13.0788 0x0948  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
12:05:13.0803 0x0948  pciide - ok
12:05:13.0819 0x0948  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
12:05:13.0839 0x0948  pcmcia - ok
12:05:13.0846 0x0948  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
12:05:13.0863 0x0948  pcw - ok
12:05:13.0902 0x0948  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
12:05:13.0922 0x0948  pdc - ok
12:05:13.0968 0x0948  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
12:05:14.0046 0x0948  PEAUTH - ok
12:05:14.0062 0x0948  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
12:05:14.0079 0x0948  percsas2i - ok
12:05:14.0091 0x0948  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
12:05:14.0108 0x0948  percsas3i - ok
12:05:14.0251 0x0948  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
12:05:14.0296 0x0948  PerfHost - ok
12:05:14.0356 0x0948  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
12:05:14.0429 0x0948  PhoneSvc - ok
12:05:14.0454 0x0948  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
12:05:14.0484 0x0948  PimIndexMaintenanceSvc - ok
12:05:14.0540 0x0948  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
12:05:14.0650 0x0948  pla - ok
12:05:14.0681 0x0948  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
12:05:14.0717 0x0948  PlugPlay - ok
12:05:14.0755 0x0948  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
12:05:14.0779 0x0948  pmem - ok
12:05:14.0791 0x0948  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
12:05:14.0814 0x0948  PNRPAutoReg - ok
12:05:14.0835 0x0948  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
12:05:14.0871 0x0948  PNRPsvc - ok
12:05:14.0919 0x0948  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:05:14.0962 0x0948  PolicyAgent - ok
12:05:14.0991 0x0948  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
12:05:15.0020 0x0948  Power - ok
12:05:15.0043 0x0948  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
12:05:15.0082 0x0948  PptpMiniport - ok
12:05:15.0238 0x0948  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:05:15.0411 0x0948  PrintNotify - ok
12:05:15.0438 0x0948  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
12:05:15.0465 0x0948  Processor - ok
12:05:15.0507 0x0948  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
12:05:15.0550 0x0948  ProfSvc - ok
12:05:15.0569 0x0948  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
12:05:15.0589 0x0948  Psched - ok
12:05:15.0608 0x0948  [ 2C1686795B9307265F649249AD11D629, 51E4CFA39995B155724CFC9AF45B83F674F300907B2A405F003AE09E7C6F6E1A ] pwftap          C:\WINDOWS\System32\drivers\pwftap.sys
12:05:15.0633 0x0948  pwftap - ok
12:05:15.0700 0x0948  [ 5960B24813CA497D5E2A51333C5CB826, E977788AD4EFF1C602191A93DE0DE3931B31F61B1AB4BD68FA81C0A39894BE87 ] QHActiveDefense D:\360\Total Security\safemon\QHActiveDefense.exe
12:05:15.0742 0x0948  QHActiveDefense - ok
12:05:15.0789 0x0948  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
12:05:15.0833 0x0948  QWAVE - ok
12:05:15.0871 0x0948  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
12:05:15.0905 0x0948  QWAVEdrv - ok
12:05:15.0935 0x0948  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:05:15.0957 0x0948  RasAcd - ok
12:05:15.0971 0x0948  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
12:05:16.0011 0x0948  RasAgileVpn - ok
12:05:16.0045 0x0948  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
12:05:16.0073 0x0948  RasAuto - ok
12:05:16.0087 0x0948  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
12:05:16.0126 0x0948  Rasl2tp - ok
12:05:16.0185 0x0948  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\WINDOWS\System32\rasmans.dll
12:05:16.0248 0x0948  RasMan - ok
12:05:16.0264 0x0948  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:05:16.0288 0x0948  RasPppoe - ok
12:05:16.0306 0x0948  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
12:05:16.0343 0x0948  RasSstp - ok
12:05:16.0374 0x0948  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:05:16.0405 0x0948  rdbss - ok
12:05:16.0422 0x0948  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
12:05:16.0444 0x0948  rdpbus - ok
12:05:16.0466 0x0948  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
12:05:16.0493 0x0948  RDPDR - ok
12:05:16.0528 0x0948  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
12:05:16.0543 0x0948  RdpVideoMiniport - ok
12:05:16.0569 0x0948  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
12:05:16.0593 0x0948  rdyboost - ok
12:05:16.0658 0x0948  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
12:05:16.0736 0x0948  ReFS - ok
12:05:16.0777 0x0948  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
12:05:16.0827 0x0948  ReFSv1 - ok
12:05:16.0873 0x0948  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
12:05:16.0917 0x0948  RemoteAccess - ok
12:05:16.0945 0x0948  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
12:05:16.0984 0x0948  RemoteRegistry - ok
12:05:17.0031 0x0948  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
12:05:17.0092 0x0948  RetailDemo - ok
12:05:17.0114 0x0948  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
12:05:17.0158 0x0948  RmSvc - ok
12:05:17.0188 0x0948  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
12:05:17.0213 0x0948  RpcEptMapper - ok
12:05:17.0248 0x0948  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
12:05:17.0283 0x0948  RpcLocator - ok
12:05:17.0327 0x0948  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
12:05:17.0394 0x0948  RpcSs - ok
12:05:17.0421 0x0948  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
12:05:17.0455 0x0948  rspndr - ok
12:05:17.0482 0x0948  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
12:05:17.0531 0x0948  rt640x64 - ok
12:05:17.0574 0x0948  [ 4DBBD2B451A2C45536F14FA972DD3E83, 22B47D79452593E57640B70F3A2EAA9D448046BD1BACBFD2851366DD6FC6DCAE ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
12:05:17.0600 0x0948  RTSUER - ok
12:05:17.0614 0x0948  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
12:05:17.0634 0x0948  s3cap - ok
12:05:17.0668 0x0948  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\WINDOWS\system32\lsass.exe
12:05:17.0684 0x0948  SamSs - ok
12:05:17.0710 0x0948  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
12:05:17.0727 0x0948  sbp2port - ok
12:05:17.0753 0x0948  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
12:05:17.0785 0x0948  SCardSvr - ok
12:05:17.0806 0x0948  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
12:05:17.0835 0x0948  ScDeviceEnum - ok
12:05:17.0855 0x0948  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
12:05:17.0895 0x0948  scfilter - ok
12:05:17.0961 0x0948  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
12:05:18.0034 0x0948  Schedule - ok
12:05:18.0054 0x0948  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
12:05:18.0073 0x0948  scmbus - ok
12:05:18.0089 0x0948  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
12:05:18.0117 0x0948  SCPolicySvc - ok
12:05:18.0150 0x0948  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
12:05:18.0174 0x0948  sdbus - ok
12:05:18.0200 0x0948  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
12:05:18.0216 0x0948  SDFRd - ok
12:05:18.0232 0x0948  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
12:05:18.0259 0x0948  SDRSVC - ok
12:05:18.0282 0x0948  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
12:05:18.0300 0x0948  sdstor - ok
12:05:18.0310 0x0948  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
12:05:18.0344 0x0948  seclogon - ok
12:05:18.0382 0x0948  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
12:05:18.0411 0x0948  SecurityHealthService - ok
12:05:18.0458 0x0948  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
12:05:18.0573 0x0948  SEMgrSvc - ok
12:05:18.0592 0x0948  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
12:05:18.0638 0x0948  SENS - ok
12:05:18.0709 0x0948  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
12:05:18.0827 0x0948  SensorDataService - ok
12:05:18.0869 0x0948  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\WINDOWS\system32\SensorService.dll
12:05:18.0915 0x0948  SensorService - ok
12:05:18.0939 0x0948  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
12:05:18.0970 0x0948  SensrSvc - ok
12:05:18.0987 0x0948  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
12:05:19.0005 0x0948  SerCx - ok
12:05:19.0031 0x0948  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
12:05:19.0051 0x0948  SerCx2 - ok
12:05:19.0077 0x0948  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
12:05:19.0097 0x0948  Serenum - ok
12:05:19.0116 0x0948  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
12:05:19.0140 0x0948  Serial - ok
12:05:19.0154 0x0948  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
12:05:19.0174 0x0948  sermouse - ok
12:05:19.0224 0x0948  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
12:05:19.0264 0x0948  SessionEnv - ok
12:05:19.0282 0x0948  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
12:05:19.0301 0x0948  sfloppy - ok
12:05:19.0345 0x0948  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
12:05:19.0404 0x0948  SharedAccess - ok
12:05:19.0455 0x0948  [ 490F6144273A85A3CFF3D416850E0611, F703D32580405B9CEF0E601222C2CE584B076B2E58710D66A15AFEA2A6907514 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:05:19.0507 0x0948  ShellHWDetection - ok
12:05:19.0534 0x0948  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
12:05:19.0566 0x0948  shpamsvc - ok
12:05:19.0597 0x0948  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
12:05:19.0613 0x0948  SiSRaid2 - ok
12:05:19.0634 0x0948  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
12:05:19.0652 0x0948  SiSRaid4 - ok
12:05:19.0688 0x0948  [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
12:05:19.0702 0x0948  SmbDrvI - ok
12:05:19.0740 0x0948  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
12:05:19.0779 0x0948  smphost - ok
12:05:19.0826 0x0948  [ 15684D78C67B63475EABAB5A6ECF32A8, 46BA6830BC42839E22F600ED591E23611E092C2342702F403553BB0B9177E835 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
12:05:19.0884 0x0948  SmsRouter - ok
12:05:19.0917 0x0948  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
12:05:19.0938 0x0948  SNMPTRAP - ok
12:05:19.0985 0x0948  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
12:05:20.0021 0x0948  spaceport - ok
12:05:20.0048 0x0948  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
12:05:20.0064 0x0948  SpatialGraphFilter - ok
12:05:20.0082 0x0948  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
12:05:20.0100 0x0948  SpbCx - ok
12:05:20.0158 0x0948  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
12:05:20.0222 0x0948  spectrum - ok
12:05:20.0264 0x0948  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
12:05:20.0321 0x0948  Spooler - ok
12:05:20.0471 0x0948  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:05:20.0680 0x0948  sppsvc - ok
12:05:20.0717 0x0948  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:05:20.0755 0x0948  srv - ok
12:05:20.0801 0x0948  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:05:20.0854 0x0948  srv2 - ok
12:05:20.0890 0x0948  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:05:20.0932 0x0948  srvnet - ok
12:05:20.0969 0x0948  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:05:21.0016 0x0948  SSDPSRV - ok
12:05:21.0049 0x0948  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:05:21.0082 0x0948  SstpSvc - ok
12:05:21.0257 0x0948  [ AE1918EED1E4925778B92061CC2B8D18, 21B3D1685906BC4BA3C8A54C40ABC631F2F312926111BCE48AFEA8B96942DF22 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
12:05:21.0512 0x0948  StateRepository - ok
12:05:21.0536 0x0948  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:05:21.0552 0x0948  stexstor - ok
12:05:21.0598 0x0948  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:05:21.0650 0x0948  stisvc - ok
12:05:21.0691 0x0948  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:05:21.0710 0x0948  storahci - ok
12:05:21.0746 0x0948  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
12:05:21.0761 0x0948  storflt - ok
12:05:21.0783 0x0948  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:05:21.0800 0x0948  stornvme - ok
12:05:21.0818 0x0948  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
12:05:21.0841 0x0948  storqosflt - ok
12:05:21.0890 0x0948  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:05:21.0946 0x0948  StorSvc - ok
12:05:21.0960 0x0948  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
12:05:21.0977 0x0948  storufs - ok
12:05:21.0987 0x0948  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:05:22.0003 0x0948  storvsc - ok
12:05:22.0036 0x0948  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:05:22.0062 0x0948  svsvc - ok
12:05:22.0082 0x0948  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:05:22.0098 0x0948  swenum - ok
12:05:22.0123 0x0948  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
12:05:22.0172 0x0948  swprv - ok
12:05:22.0209 0x0948  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
12:05:22.0231 0x0948  Synth3dVsc - ok
12:05:22.0298 0x0948  [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
12:05:22.0331 0x0948  SynTP - ok
12:05:22.0416 0x0948  [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
12:05:22.0435 0x0948  SynTPEnhService - ok
12:05:22.0516 0x0948  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:05:22.0583 0x0948  SysMain - ok
12:05:22.0617 0x0948  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:05:22.0653 0x0948  SystemEventsBroker - ok
12:05:22.0686 0x0948  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:05:22.0715 0x0948  TabletInputService - ok
12:05:22.0742 0x0948  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:05:22.0779 0x0948  TapiSrv - ok
12:05:22.0879 0x0948  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:05:23.0010 0x0948  Tcpip - ok
12:05:23.0101 0x0948  [ 02481DA7952E87F0EF007B54E0216DA8, E32BD56991560F608C843AF1CC6E4885435D8B13E9EE0003450C4B87D6CEF29D ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
12:05:23.0200 0x0948  Tcpip6 - ok
12:05:23.0224 0x0948  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:05:23.0247 0x0948  tcpipreg - ok
12:05:23.0258 0x0948  [ D74756DD1518D28A09CDA99696273FA4, F01DDF8CDBBC70BB086970C324E60CF7A1828CA6DE5A4F5B1BA4686BC31C4058 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:05:23.0277 0x0948  tdx - ok
12:05:23.0307 0x0948  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:05:23.0324 0x0948  terminpt - ok
12:05:23.0371 0x0948  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:05:23.0439 0x0948  TermService - ok
12:05:23.0451 0x0948  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:05:23.0481 0x0948  Themes - ok
12:05:23.0513 0x0948  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
12:05:23.0552 0x0948  TieringEngineService - ok
12:05:23.0596 0x0948  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
12:05:23.0648 0x0948  tiledatamodelsvc - ok
12:05:23.0660 0x0948  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
12:05:23.0689 0x0948  TimeBrokerSvc - ok
12:05:23.0750 0x0948  [ 5379471B971D29EFCECBA87200C9FBFC, 7621258DA5EF0F4B2FFC344BCE0B6442E0AEE6BA795B65EBB5786D7A7C208A1F ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
12:05:23.0864 0x0948  TokenBroker - ok
12:05:23.0902 0x0948  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:05:23.0924 0x0948  TPM - ok
12:05:23.0940 0x0948  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:05:23.0967 0x0948  TrkWks - ok
12:05:24.0021 0x0948  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:05:24.0055 0x0948  TrustedInstaller - ok
12:05:24.0078 0x0948  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
12:05:24.0101 0x0948  TsUsbFlt - ok
12:05:24.0115 0x0948  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:05:24.0138 0x0948  TsUsbGD - ok
12:05:24.0173 0x0948  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
12:05:24.0215 0x0948  tunnel - ok
12:05:24.0270 0x0948  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
12:05:24.0316 0x0948  tzautoupdate - ok
12:05:24.0355 0x0948  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:05:24.0374 0x0948  UASPStor - ok
12:05:24.0385 0x0948  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
12:05:24.0409 0x0948  UcmCx0101 - ok
12:05:24.0429 0x0948  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
12:05:24.0457 0x0948  UcmTcpciCx0101 - ok
12:05:24.0488 0x0948  [ F083A400FB9CB8ADD1783848CB1C76F0, 7E543E5F81C04AF486ACC08B94F785B9702B743C96079241925C385BF8411EB9 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
12:05:24.0521 0x0948  UcmUcsi - ok
12:05:24.0544 0x0948  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
12:05:24.0567 0x0948  Ucx01000 - ok
12:05:24.0581 0x0948  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
12:05:24.0616 0x0948  UdeCx - ok
12:05:24.0640 0x0948  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:05:24.0683 0x0948  udfs - ok
12:05:24.0693 0x0948  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:05:24.0708 0x0948  UEFI - ok
12:05:24.0746 0x0948  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:05:24.0768 0x0948  Ufx01000 - ok
12:05:24.0808 0x0948  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
12:05:24.0826 0x0948  UfxChipidea - ok
12:05:24.0845 0x0948  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
12:05:24.0863 0x0948  ufxsynopsys - ok
12:05:24.0892 0x0948  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:05:24.0916 0x0948  UI0Detect - ok
12:05:24.0929 0x0948  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:05:24.0951 0x0948  umbus - ok
12:05:24.0966 0x0948  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:05:24.0986 0x0948  UmPass - ok
12:05:25.0022 0x0948  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:05:25.0054 0x0948  UmRdpService - ok
12:05:25.0101 0x0948  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
12:05:25.0172 0x0948  UnistoreSvc - ok
12:05:25.0199 0x0948  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:05:25.0251 0x0948  upnphost - ok
12:05:25.0282 0x0948  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
12:05:25.0296 0x0948  UrsChipidea - ok
12:05:25.0316 0x0948  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
12:05:25.0332 0x0948  UrsCx01000 - ok
12:05:25.0348 0x0948  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
12:05:25.0363 0x0948  UrsSynopsys - ok
12:05:25.0393 0x0948  [ FC318082D0793B76C766A8DFD4C247C5, F547C643A16D580BD96BC20DC901A8210875812EDABD57DD65F20A915A877CB3 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:05:25.0417 0x0948  usbaudio - ok
12:05:25.0459 0x0948  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:05:25.0489 0x0948  usbccgp - ok
12:05:25.0519 0x0948  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:05:25.0542 0x0948  usbcir - ok
12:05:25.0564 0x0948  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:05:25.0581 0x0948  usbehci - ok
12:05:25.0599 0x0948  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:05:25.0630 0x0948  usbhub - ok
12:05:25.0671 0x0948  [ 0939AD44244AA9D348187015083E17DF, D48C8032333D30019BC5FD4BAF97A2AB1A80488D4881F3437C3D5341DE5294CA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:05:25.0703 0x0948  USBHUB3 - ok
12:05:25.0723 0x0948  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:05:25.0743 0x0948  usbohci - ok
12:05:25.0755 0x0948  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:05:25.0775 0x0948  usbprint - ok
12:05:25.0792 0x0948  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
12:05:25.0813 0x0948  usbser - ok
12:05:25.0825 0x0948  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:05:25.0844 0x0948  USBSTOR - ok
12:05:25.0856 0x0948  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:05:25.0875 0x0948  usbuhci - ok
12:05:25.0909 0x0948  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:05:25.0936 0x0948  USBXHCI - ok
12:05:26.0038 0x0948  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
12:05:26.0126 0x0948  UserDataSvc - ok
12:05:26.0188 0x0948  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
12:05:26.0255 0x0948  UserManager - ok
12:05:26.0302 0x0948  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
12:05:26.0351 0x0948  UsoSvc - ok
12:05:26.0367 0x0948  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:05:26.0384 0x0948  VaultSvc - ok
12:05:26.0404 0x0948  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:05:26.0421 0x0948  vdrvroot - ok
12:05:26.0474 0x0948  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
12:05:26.0526 0x0948  vds - ok
12:05:26.0543 0x0948  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:05:26.0564 0x0948  VerifierExt - ok
12:05:26.0639 0x0948  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:05:26.0681 0x0948  vhdmp - ok
12:05:26.0713 0x0948  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
12:05:26.0732 0x0948  vhf - ok
12:05:26.0780 0x0948  [ FF9E47752DE943B35D00E5BC96BDC714, 953A14637E310E27BDBD46B3A711875DBE0963AF185A523BC7E002427EA0E710 ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
12:05:26.0817 0x0948  vm331avs - ok
12:05:26.0839 0x0948  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:05:26.0856 0x0948  vmbus - ok
12:05:26.0873 0x0948  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:05:26.0892 0x0948  VMBusHID - ok
12:05:26.0905 0x0948  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
12:05:26.0924 0x0948  vmgid - ok
12:05:26.0951 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
12:05:26.0982 0x0948  vmicguestinterface - ok
12:05:26.0993 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
12:05:27.0024 0x0948  vmicheartbeat - ok
12:05:27.0036 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
12:05:27.0066 0x0948  vmickvpexchange - ok
12:05:27.0085 0x0948  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
12:05:27.0116 0x0948  vmicrdv - ok
12:05:27.0129 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
12:05:27.0159 0x0948  vmicshutdown - ok
12:05:27.0171 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
12:05:27.0202 0x0948  vmictimesync - ok
12:05:27.0213 0x0948  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
12:05:27.0245 0x0948  vmicvmsession - ok
12:05:27.0259 0x0948  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
12:05:27.0292 0x0948  vmicvss - ok
12:05:27.0329 0x0948  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:05:27.0346 0x0948  volmgr - ok
12:05:27.0360 0x0948  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:05:27.0388 0x0948  volmgrx - ok
12:05:27.0403 0x0948  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:05:27.0430 0x0948  volsnap - ok
12:05:27.0436 0x0948  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
12:05:27.0452 0x0948  volume - ok
12:05:27.0494 0x0948  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:05:27.0527 0x0948  vpci - ok
12:05:27.0548 0x0948  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:05:27.0569 0x0948  vsmraid - ok
12:05:27.0649 0x0948  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
12:05:27.0740 0x0948  VSS - ok
12:05:27.0767 0x0948  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:05:27.0791 0x0948  VSTXRAID - ok
12:05:27.0808 0x0948  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:05:27.0843 0x0948  vwifibus - ok
12:05:27.0862 0x0948  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
12:05:27.0899 0x0948  vwififlt - ok
12:05:27.0908 0x0948  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
12:05:27.0943 0x0948  vwifimp - ok
12:05:27.0990 0x0948  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
12:05:28.0044 0x0948  W32Time - ok
12:05:28.0061 0x0948  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:05:28.0083 0x0948  WacomPen - ok
12:05:28.0119 0x0948  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
12:05:28.0160 0x0948  WalletService - ok
12:05:28.0180 0x0948  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:05:28.0217 0x0948  wanarp - ok
12:05:28.0224 0x0948  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:05:28.0260 0x0948  wanarpv6 - ok
12:05:28.0329 0x0948  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:05:28.0417 0x0948  wbengine - ok
12:05:28.0474 0x0948  [ 39A0B8DD517E3CBF0A6EED5A12BB182F, A25E7D3DC4DF9D0439627CFA0C4AD2292FDF29F4EFC832AEA5A2F774766F76D7 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:05:28.0546 0x0948  WbioSrvc - ok
12:05:28.0576 0x0948  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
12:05:28.0596 0x0948  wcifs - ok
12:05:28.0643 0x0948  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:05:28.0706 0x0948  Wcmsvc - ok
12:05:28.0754 0x0948  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:05:28.0799 0x0948  wcncsvc - ok
12:05:28.0814 0x0948  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
12:05:28.0838 0x0948  wcnfs - ok
12:05:28.0856 0x0948  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:05:28.0878 0x0948  WdBoot - ok
12:05:28.0937 0x0948  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:05:28.0980 0x0948  Wdf01000 - ok
12:05:29.0026 0x0948  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:05:29.0052 0x0948  WdFilter - ok
12:05:29.0061 0x0948  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:05:29.0097 0x0948  WdiServiceHost - ok
12:05:29.0103 0x0948  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:05:29.0136 0x0948  WdiSystemHost - ok
12:05:29.0189 0x0948  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
12:05:29.0248 0x0948  wdiwifi - ok
12:05:29.0270 0x0948  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:05:29.0293 0x0948  WdNisDrv - ok
12:05:29.0328 0x0948  WdNisSvc - ok
12:05:29.0356 0x0948  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:05:29.0397 0x0948  WebClient - ok
12:05:29.0415 0x0948  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:05:29.0448 0x0948  Wecsvc - ok
12:05:29.0466 0x0948  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:05:29.0494 0x0948  WEPHOSTSVC - ok
12:05:29.0518 0x0948  [ 0941A50663B7F3BAB62687AC0E03A31B, 8AA98C22332217B3996028461747B88274D49B246FA432DB7B7C169527C75D14 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:05:29.0559 0x0948  wercplsupport - ok
12:05:29.0591 0x0948  [ 8DF4E4631338E8EE7CCDF7D6DC55D3A8, 043D0AF7FD1073603D8586E0BE9646FE3E8679A317AC18845811856A6E5027E1 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:05:29.0654 0x0948  WerSvc - ok
12:05:29.0707 0x0948  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
12:05:29.0754 0x0948  WFDSConMgrSvc - ok
12:05:29.0797 0x0948  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
12:05:29.0816 0x0948  WFPLWFS - ok
12:05:29.0846 0x0948  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:05:29.0870 0x0948  WiaRpc - ok
12:05:29.0894 0x0948  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:05:29.0910 0x0948  WIMMount - ok
12:05:29.0915 0x0948  WinDefend - ok
12:05:29.0935 0x0948  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
12:05:29.0952 0x0948  WindowsTrustedRT - ok
12:05:29.0962 0x0948  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
12:05:29.0977 0x0948  WindowsTrustedRTProxy - ok
12:05:30.0026 0x0948  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:05:30.0073 0x0948  WinHttpAutoProxySvc - ok
12:05:30.0090 0x0948  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
12:05:30.0106 0x0948  WinMad - ok
12:05:30.0155 0x0948  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:05:30.0194 0x0948  Winmgmt - ok
12:05:30.0234 0x0948  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
12:05:30.0260 0x0948  WinNat - ok
12:05:30.0387 0x0948  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:05:30.0548 0x0948  WinRM - ok
12:05:30.0577 0x0948  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
12:05:30.0602 0x0948  WINUSB - ok
12:05:30.0633 0x0948  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
12:05:30.0651 0x0948  WinVerbs - ok
12:05:30.0698 0x0948  [ 2E15586B76465941D1DEE75625B9484E, 609E6BEAFF340A403F50A20D1609D3A8A2C990234064DD154A08C737DE3E0907 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
12:05:30.0758 0x0948  wisvc - ok
12:05:30.0853 0x0948  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:05:31.0008 0x0948  WlanSvc - ok
12:05:31.0100 0x0948  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:05:31.0217 0x0948  wlidsvc - ok
12:05:31.0280 0x0948  [ 24A624FC6DED20C3B7980BD71D6540D7, A1564B903E2B54106E6665B212E4F8E1A90B2B6CB966F5E965BA5602A801B7D3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
12:05:31.0359 0x0948  wlpasvc - ok
12:05:31.0372 0x0948  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:05:31.0392 0x0948  WmiAcpi - ok
12:05:31.0437 0x0948  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:05:31.0475 0x0948  wmiApSrv - ok
12:05:31.0513 0x0948  WMPNetworkSvc - ok
12:05:31.0540 0x0948  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:05:31.0568 0x0948  Wof - ok
12:05:31.0650 0x0948  [ 5D9A8A2BB555B743334A096C5B1774E2, 660136C1E8D6CA1F7BD1AE0EC4E28B65527BFE69339589A8E3017EFE2BBDC41C ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:05:31.0749 0x0948  workfolderssvc - ok
12:05:31.0780 0x0948  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:05:31.0815 0x0948  WPDBusEnum - ok
12:05:31.0847 0x0948  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:05:31.0862 0x0948  WpdUpFltr - ok
12:05:31.0935 0x0948  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
12:05:31.0981 0x0948  WpnService - ok
12:05:31.0995 0x0948  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
12:05:32.0022 0x0948  WpnUserService - ok
12:05:32.0058 0x0948  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:05:32.0094 0x0948  ws2ifsl - ok
12:05:32.0121 0x0948  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:05:32.0156 0x0948  wscsvc - ok
12:05:32.0164 0x0948  WSearch - ok
12:05:32.0285 0x0948  [ E1E58C86AE73A95329696C675D8C03E6, EF1497AFA6C472EB6C0C0806F1A82B814FB4E9CDF441C155AEC95735384DF878 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:05:32.0415 0x0948  wuauserv - ok
12:05:32.0443 0x0948  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:05:32.0467 0x0948  WudfPf - ok
12:05:32.0482 0x0948  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:05:32.0510 0x0948  WUDFRd - ok
12:05:32.0524 0x0948  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:05:32.0549 0x0948  wudfsvc - ok
12:05:32.0562 0x0948  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
12:05:32.0591 0x0948  WUDFWpdMtp - ok
12:05:32.0649 0x0948  [ 46D90B7476CDB119C548D970EF271D34, 0C47D8AB80CF55CC10747DFFB65CED1713160BE3AB1DAED234E9BBADACCBD6D5 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:05:32.0731 0x0948  WwanSvc - ok
12:05:32.0761 0x0948  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
12:05:32.0787 0x0948  xbgm - ok
12:05:32.0851 0x0948  [ 7FE60B52DD841ED374285B7ED9210222, 0F7743A5A9289E47EE07477313083CE07B46F1C9C5CF83130303A7BAB2F3842B ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
12:05:32.0938 0x0948  XblAuthManager - ok
12:05:32.0995 0x0948  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
12:05:33.0070 0x0948  XblGameSave - ok
12:05:33.0109 0x0948  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
12:05:33.0150 0x0948  xboxgip - ok
12:05:33.0160 0x0948  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
12:05:33.0193 0x0948  XboxGipSvc - ok
12:05:33.0251 0x0948  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
12:05:33.0325 0x0948  XboxNetApiSvc - ok
12:05:33.0351 0x0948  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
12:05:33.0370 0x0948  xinputhid - ok
12:05:33.0401 0x0948  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\WINDOWS\System32\drivers\xusb21.sys
12:05:33.0430 0x0948  xusb21 - ok
12:05:33.0431 0x0948  ================ Scan global ===============================
12:05:33.0460 0x0948  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
12:05:33.0489 0x0948  [ 961599D817655AB85646C7D56684D2B0, 1614D9EE8F02B8253EF54F26B5EE631FF17ED6504713625DBD3554257C7C50F4 ] C:\WINDOWS\system32\winsrv.dll
12:05:33.0528 0x0948  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
12:05:33.0577 0x0948  [ C81F9707DEA008EED4071B5A39B7C76E, 47FFEF27A479ED6B325B22296B6853D7E57B53E8E712824F3881E510D5C93667 ] C:\WINDOWS\system32\services.exe
12:05:33.0596 0x0948  [ Global ] - ok
12:05:33.0597 0x0948  ================ Scan MBR ==================================
12:05:33.0602 0x0948  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:05:33.0652 0x0948  \Device\Harddisk0\DR0 - ok
12:05:33.0661 0x0948  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:05:33.0773 0x0948  \Device\Harddisk1\DR1 - ok
12:05:33.0774 0x0948  ================ Scan VBR ==================================
12:05:33.0781 0x0948  [ 33AF541345FCC03A6CF6B6BAD5CC5BC5 ] \Device\Harddisk0\DR0\Partition1
12:05:33.0782 0x0948  \Device\Harddisk0\DR0\Partition1 - ok
12:05:33.0789 0x0948  [ A3249FDBA79B39DF0CDB32ACABBB8745 ] \Device\Harddisk0\DR0\Partition2
12:05:33.0791 0x0948  \Device\Harddisk0\DR0\Partition2 - ok
12:05:33.0824 0x0948  [ 63362A55D73D68B1BE5139508A01B07C ] \Device\Harddisk1\DR1\Partition1
12:05:33.0827 0x0948  \Device\Harddisk1\DR1\Partition1 - ok
12:05:33.0836 0x0948  [ 85D5F85DC7E80E7527B44A88B460F6C5 ] \Device\Harddisk1\DR1\Partition2
12:05:33.0838 0x0948  \Device\Harddisk1\DR1\Partition2 - ok
12:05:33.0855 0x0948  [ B208563621391F6F3421D7B04C1759D2 ] \Device\Harddisk1\DR1\Partition3
12:05:33.0856 0x0948  \Device\Harddisk1\DR1\Partition3 - ok
12:05:33.0862 0x0948  [ B2074CCE40FDB33A78082D74A346EAEC ] \Device\Harddisk1\DR1\Partition4
12:05:33.0866 0x0948  \Device\Harddisk1\DR1\Partition4 - ok
12:05:33.0890 0x0948  [ DB02CDB36CF742D697E76887A3D994E9 ] \Device\Harddisk1\DR1\Partition5
12:05:33.0893 0x0948  \Device\Harddisk1\DR1\Partition5 - ok
12:05:33.0905 0x0948  [ A5E893D4D33E15D5E9FC0D3F1FDB9215 ] \Device\Harddisk1\DR1\Partition6
12:05:33.0908 0x0948  \Device\Harddisk1\DR1\Partition6 - ok
12:05:33.0909 0x0948  ================ Scan generic autorun ======================
12:05:33.0909 0x0948  SecurityHealth - ok
12:05:33.0912 0x0948  SynTPEnh - ok
12:05:33.0946 0x0948  [ 69D50F8B1A5C1DCA66F5FA5A267B44E1, 4C74ED8A8E1FAAD8C5572B3D2260E0F3B2AE379BF1D697DA586D64E23A4B272C ] D:\360\Total Security\safemon\360Tray.exe
12:05:33.0965 0x0948  QHSafeTray - ok
12:05:34.0084 0x0948  [ 7B8AE5A341FF30BA7204A17F75BF332F, 799CEF54795902036F794DA8D9EB0903B3E0156BB122AB08E7A79E69B910C2E3 ] C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_remove360vpn.bat
12:05:34.0250 0x0948  360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803 - detected UnsignedFile.Multi.Generic ( 1 )
12:05:34.0342 0x0948  360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803 ( UnsignedFile.Multi.Generic ) - warning
12:05:34.0342 0x0948  Force sending object to P2P due to detect: C:\Users\hoppe\AppData\Local\Temp\37c4c8ff1aa4da97e2cc0ad122e96803_remove360vpn.bat
12:05:34.0532 0x0948  Object send P2P result: true
12:05:35.0418 0x0948  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:05:36.0206 0x0948  OneDriveSetup - ok
12:05:36.0878 0x0948  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:05:37.0533 0x0948  OneDriveSetup - ok
12:05:38.0218 0x0948  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
12:05:39.0013 0x0948  OneDriveSetup - ok
12:05:39.0087 0x0948  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
12:05:39.0187 0x0948  WAB Migrate - ok
12:05:39.0196 0x0948  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
12:05:39.0198 0x0948  AV detected via SS2: 360 Total Security, D:\360\Total Security\safemon\QHSafeTray.exe ( 9.2.0.1006 ), 0x51000 ( enabled : updated )
12:05:39.0200 0x0948  Win FW state via NFP2: enabled ( trusted )
12:05:39.0278 0x0948  ============================================================
12:05:39.0278 0x0948  Scan finished
12:05:39.0278 0x0948  ============================================================
12:05:39.0299 0x17dc  Detected object count: 1
12:05:39.0299 0x17dc  Actual detected object count: 1
12:05:58.0913 0x17dc  360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803 ( UnsignedFile.Multi.Generic ) - skipped by user
12:05:58.0913 0x17dc  360vpnuninst_37c4c8ff1aa4da97e2cc0ad122e96803 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Ich danke dir für deine Hilfsbereitschaft und hoffe, wir werden gut zusammen arbeiten

M-K-D-B · 06.09.2017, 13:04

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- IE Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

BlackOnyx · 07.09.2017, 08:14

Code:

ATTFilter

# AdwCleaner 7.0.2.1 - Logfile created on Thu Sep 07 06:57:21 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\hoppe\AppData\Roaming\PARETOLOGIC


***** [ Files ] *****

Deleted: C:\Windows\Reimage.ini
Deleted: C:\Users\hoppe\AppData\Local\Temp\reimage.log
Deleted: C:\Users\hoppe\AppData\Local\Temp\ReimagePackage.exe


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [http:\\www1.online\?w=RD4623]
Deleted: [Key] - HKLM\SOFTWARE\ParetoLogic
Deleted: [Key] - HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\ParetoLogic
Deleted: [Key] - HKCU\Software\ParetoLogic
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted: [Key] - HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Reimage
Deleted: [Key] - HKCU\Software\Reimage
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2956 B] - [2017/9/7 6:56:54]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 07.09.17
Scan-Zeit: 09:03
Protokolldatei: 9aeb0e36-939a-11e7-8a01-2089844961f4.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2018
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2743
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.540)
CPU: x64
Dateisystem: NTFS
Benutzer: BLACKHARMONICS\hoppe

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 374075
Erkannte Bedrohungen: 9
In die Quarantäne verschobene Bedrohungen: 9
Abgelaufene Zeit: 2 Min., 27 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 4
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}, In Quarantäne, [1828], [396863],1.0.2743
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-2502170952-984855085-4023997487-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}, In Quarantäne, [1828], [396863],1.0.2743
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, In Quarantäne, [1049], [327197],1.0.2743
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, In Quarantäne, [1049], [327197],1.0.2743

Registrierungswert: 4
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-2502170952-984855085-4023997487-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}|FAVICONURL, In Quarantäne, [1828], [396863],1.0.2743
PUP.Optional.StartPage.ShrtCln, HKU\S-1-5-21-2502170952-984855085-4023997487-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}|URL, In Quarantäne, [1828], [396863],1.0.2743
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}|FAVICONURL, In Quarantäne, [1828], [396862],1.0.2743
PUP.Optional.StartPage.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{F39B74E7-D674-4EC5-9B33-5169AACAE37B}|URL, In Quarantäne, [1828], [396862],1.0.2743

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 1
PUP.Optional.InstallCore, C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\SCANS\FILESSTASH\10AA4DF1-2CA8-B46E-4EAC-1CA2EFE7B307_1D1F335DAFD3753, In Quarantäne, [2], [312671],1.0.2743

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von hoppe (Administrator) auf BLACKHARMONICS (07-09-2017 09:11:09)
Gestartet von C:\Users\hoppe\Downloads
Geladene Profile: hoppe (Verfügbare Profile: defaultuser0 & hoppe)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHActiveDefense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHWatchdog.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHSafeTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [QHSafeTray] => D:\360\Total Security\safemon\360Tray.exe [345000 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2174b39f-ac77-42cd-90ec-3f3c64d2b6a5}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{984abe61-1578-488e-87cb-455ffc6824f6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = 
SearchScopes: HKU\S-1-5-21-2502170952-984855085-4023997487-1001 -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-01] (Oracle Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.2.0.0_neutral__c1wakc4j0nefm [2017-07-17]

FireFox:
========
FF DefaultProfile: r8cprlvn.default
FF ProfilePath: C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default [2017-09-07]
FF Extension: (GMX MailCheck) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\toolbar@gmx.net [2017-09-05]
FF Extension: (Adblock Plus) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-14]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default [2017-09-07]
CHR Extension: (Google Präsentationen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-06]
CHR Extension: (Google Docs) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-06]
CHR Extension: (Google Drive) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-06]
CHR Extension: (YouTube) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-06]
CHR Extension: (Google Tabellen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-06]
CHR Extension: (Tabs 2 Grid) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh [2017-09-06]
CHR Extension: (Google Docs Offline) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-06]
CHR Extension: (Google Mail) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-06]
CHR Extension: (Chrome Media Router) - C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-06]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3815712 2016-04-07] (INCA Internet Co., Ltd.)
R2 QHActiveDefense; D:\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-17] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [183800 2017-04-21] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-09-15] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-08-11] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-08-11] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-04-21] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [432120 2017-06-09] (360.cn)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199160 2017-06-09] (360.cn)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-04] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-04] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-07] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-07] (Malwarebytes)
S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 pwftap; C:\WINDOWS\System32\drivers\pwftap.sys [36736 2016-12-13] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-07 09:02 - 2017-09-07 09:06 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-07 09:02 - 2017-09-07 09:06 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-07 09:02 - 2017-09-07 09:06 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-07 09:02 - 2017-09-07 09:06 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-07 09:02 - 2017-09-07 09:02 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-07 09:02 - 2017-09-07 09:02 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-07 09:02 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-07 08:54 - 2017-09-07 08:57 - 000000000 ____D C:\AdwCleaner
2017-09-07 08:53 - 2017-09-07 08:54 - 066347240 _____ (Malwarebytes ) C:\Users\hoppe\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-07 08:53 - 2017-09-07 08:53 - 008182736 _____ (Malwarebytes) C:\Users\hoppe\Desktop\adwcleaner_7.0.2.1.exe
2017-09-06 12:03 - 2017-09-06 12:16 - 000520986 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_12.03.10_log.txt
2017-09-06 12:03 - 2017-09-06 12:03 - 004922400 _____ (AO Kaspersky Lab) C:\Users\hoppe\Downloads\tdsskiller.exe
2017-09-06 11:49 - 2017-09-06 11:49 - 000041612 _____ C:\Users\hoppe\Downloads\Shortcut.txt
2017-09-06 11:49 - 2017-09-06 11:49 - 000025253 _____ C:\Users\hoppe\Downloads\Addition.txt
2017-09-06 11:47 - 2017-09-07 09:12 - 000010756 _____ C:\Users\hoppe\Downloads\FRST.txt
2017-09-06 11:46 - 2017-09-07 09:11 - 000000000 ____D C:\FRST
2017-09-06 11:46 - 2017-09-06 11:46 - 002395648 _____ (Farbar) C:\Users\hoppe\Downloads\FRST64.exe
2017-09-06 11:24 - 2017-09-06 11:24 - 000002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-06 11:23 - 2017-09-06 11:23 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-09-06 11:23 - 2017-09-06 11:23 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-09-06 11:14 - 2017-09-06 11:14 - 001130328 _____ (Google Inc.) C:\Users\hoppe\Downloads\ChromeSetup.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 007178424 _____ (VS Revo Group ) C:\Users\hoppe\Downloads\revosetup_v2.0.3.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 000001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\Program Files\VS Revo Group
2017-09-06 10:50 - 2017-09-06 11:24 - 000002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-05 20:48 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-05 20:48 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-05 20:48 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-05 20:48 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-05 20:48 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-05 20:48 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-05 20:48 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-05 20:48 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-05 20:48 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-05 20:48 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-05 20:48 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-05 20:48 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-09-05 20:48 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-05 20:48 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-09-05 20:48 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-09-05 20:48 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-05 20:48 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-05 20:48 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-09-05 20:48 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-05 20:48 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-05 20:48 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-05 20:48 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-05 20:48 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-05 20:48 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-05 20:48 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-09-05 20:48 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-05 20:47 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-05 20:47 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-05 20:47 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-05 20:47 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-05 20:47 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-05 20:47 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-05 20:47 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-05 20:47 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-09-05 20:47 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-09-05 20:47 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-05 20:47 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-09-05 20:47 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-05 20:47 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-05 20:47 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-05 20:47 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-05 20:47 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-05 20:47 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-09-05 20:47 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-05 20:47 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-09-05 20:47 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-05 20:47 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-09-05 20:47 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-09-05 20:47 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-09-05 20:47 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-05 20:47 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-05 20:47 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-05 20:47 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-09-05 20:47 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-09-05 20:47 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-09-05 20:47 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-09-05 20:47 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-09-05 20:47 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-05 20:47 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-05 20:47 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-09-05 20:47 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-09-05 20:47 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-09-05 20:47 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-09-05 20:47 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-05 20:47 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-09-05 20:47 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-09-05 20:47 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-09-05 20:46 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-09-05 20:46 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-05 20:46 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-05 20:46 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-05 20:46 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-05 20:46 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-05 20:46 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-05 20:46 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-05 20:46 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-05 20:46 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-05 20:46 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-09-05 20:46 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-09-05 20:46 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-05 20:46 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-09-05 20:46 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-09-05 20:46 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-09-05 20:46 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-05 20:46 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-09-05 20:46 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-05 20:46 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-09-05 20:46 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-09-05 20:46 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-09-05 20:46 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-09-05 20:46 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-09-05 20:46 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-09-05 20:46 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-09-05 20:46 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-05 20:46 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-05 20:46 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-09-05 20:46 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-05 20:46 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-09-05 20:46 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-09-05 20:46 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-05 20:46 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-05 20:46 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-05 20:46 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-09-05 20:46 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-09-05 20:46 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-09-05 19:54 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Local\Disc_Soft_Ltd
2017-09-05 19:52 - 2017-09-05 19:52 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-09-05 19:50 - 2017-09-05 19:50 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2017-09-05 15:26 - 2017-09-05 18:18 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-05 15:25 - 2017-09-06 09:20 - 000266304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-05 15:24 - 2017-09-05 18:24 - 000000000 ____D C:\WINDOWS\pss
2017-09-05 14:42 - 2017-09-07 08:57 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-04 22:41 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-09-04 22:41 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-09-04 20:12 - 2017-09-06 09:49 - 000000000 ____D C:\Users\hoppe\AppData\Local\NFS Underground 2
2017-09-04 20:08 - 2017-09-04 20:08 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-09-04 20:07 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\DAEMON Tools Lite
2017-09-04 20:07 - 2017-09-04 20:07 - 000047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-09-04 20:07 - 2017-09-04 20:07 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 17:08 - 2017-09-02 17:08 - 000000000 ____D C:\Users\hoppe\AppData\Local\Steam
2017-08-15 18:27 - 2017-08-15 19:05 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\discord
2017-08-15 18:27 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\SquirrelTemp
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\Discord
2017-08-15 08:56 - 2017-08-15 08:56 - 000000000 ____D C:\Users\hoppe\AppData\Local\Pokemon Insurgence
2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession
2017-08-14 16:48 - 2017-08-14 16:48 - 000000000 ____D C:\Users\hoppe\AppData\Local\InsurgenceLauncher
2017-08-08 19:47 - 2017-09-04 22:57 - 000003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-07 09:07 - 2016-08-09 21:06 - 000000000 __SHD C:\Users\hoppe\IntelGraphicsProfiles
2017-09-07 09:07 - 2016-08-09 20:44 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\360WD
2017-09-07 09:06 - 2017-07-17 08:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-07 09:06 - 2017-03-18 13:40 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2017-09-07 09:04 - 2017-07-17 08:39 - 002184590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-07 09:04 - 2017-03-20 06:35 - 000985116 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-07 09:04 - 2017-03-20 06:35 - 000213220 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-07 08:58 - 2017-01-02 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-07 08:53 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-07 03:04 - 2017-07-17 08:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-07 00:12 - 2017-07-17 08:26 - 000000000 ____D C:\Users\hoppe
2017-09-06 15:02 - 2017-01-02 22:34 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\Mozilla
2017-09-06 15:02 - 2017-01-02 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-06 14:28 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 14:28 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 11:24 - 2016-08-09 20:37 - 000000000 ____D C:\Users\hoppe\AppData\Local\Google
2017-09-06 11:24 - 2016-08-09 20:36 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-06 09:23 - 2016-08-09 20:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-05 23:19 - 2016-08-09 23:57 - 000046592 _____ C:\Users\hoppe\Desktop\Animeliste.xls
2017-09-05 20:54 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-05 20:51 - 2016-08-09 22:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-05 20:49 - 2016-08-09 22:40 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-05 18:32 - 2016-08-09 21:29 - 000000000 ___RD C:\Users\hoppe\Desktop\Stuff
2017-09-05 17:49 - 2017-05-31 21:24 - 000000000 ____D C:\download
2017-09-05 14:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-04 23:00 - 2016-09-27 22:56 - 000000000 ____D C:\ProgramData\360Quarant
2017-09-04 22:58 - 2017-05-31 21:24 - 000000000 __SHD C:\$360Section
2017-09-04 22:57 - 2017-07-18 11:51 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-04 22:57 - 2017-07-16 15:01 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-17 17:07 - 2016-09-28 13:52 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\.minecraft
2017-08-17 16:08 - 2016-08-10 12:44 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\vlc
2017-08-16 07:31 - 2017-07-14 07:40 - 000000544 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-08-16 07:31 - 2016-08-09 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-08-11 11:41 - 2016-09-12 11:40 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-08-11 11:41 - 2016-08-09 20:44 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2017-08-08 19:47 - 2017-07-18 11:50 - 000000000 ____D C:\Users\hoppe\AppData\Local\Adobe
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ () C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession

Einige Dateien in TEMP:
====================
2017-09-06 10:57 - 2017-09-04 20:12 - 000085353 _____ () C:\Users\hoppe\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-03 11:23

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von hoppe (07-09-2017 09:12:51)
Gestartet von C:\Users\hoppe\Downloads
Windows 10 Home Version 1703 (X64) (2017-07-17 06:44:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2502170952-984855085-4023997487-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2502170952-984855085-4023997487-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2502170952-984855085-4023997487-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2502170952-984855085-4023997487-501 - Limited - Disabled)
hoppe (S-1-5-21-2502170952-984855085-4023997487-1001 - Administrator - Enabled) => C:\Users\hoppe

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.2.0.1124 - 360 Security Center)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
AutoREALM Version 2.2.1 (HKLM-x32\...\AutoREALM_is1) (Version:  - )
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Discord (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Project64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2F01892E-7E19-4380-86FC-71AEA56BAE4F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)
Task: {7989CFF0-F2ED-4D6F-99A5-1D2F597CD98E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {8892460A-715A-4706-B9D5-B213DB997992} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {FBD75506-8A59-4C90-9FB1-E2016FA08010} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-07 09:02 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000099240 _____ () D:\360\Total Security\deepscan\qutmload.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000499296 _____ () D:\360\Total Security\safemon\wdui2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hoppe\OneDrive\Bilder\Creepy\fcba139e5064c8e11cce742d2ed429bf.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "331BigDog"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BC01A7B5-58D0-4687-AFED-8EDB29F60059}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{1604BF30-2566-40AD-BDE5-51234939D246}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [UDP Query User{6CD42DFF-4D14-4EC4-9E45-6463479EBEEF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{5B818941-119F-46E8-A544-D90F41ABE117}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{9254EEC0-5926-4300-8099-20D16A8E3A8F}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{710F6A93-287E-48EC-AF70-70569C2C0BDF}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{D8B21F6A-617F-4225-A7A6-95880AFA55A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1394769F-C173-4B13-8343-436E5F71A435}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B333C503-9176-4CD9-956B-90381CEB9EC7}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{5B575C8D-9AA8-4CDE-AEBD-70674FA2E1EA}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{0FBEEF90-4E3B-43D7-9F34-9DAC6FFDC941}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7FF923A6-B411-413C-8335-16811F40A45D}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{927E6533-27EA-44C3-AB6C-A124D3CF61F0}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{F19F6019-320C-477A-AAE9-18DB2AA9784D}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{6B8C4024-B119-4B73-8551-D78A52254403}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D7251173-B444-46BD-9685-6C639ED829AE}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{F0D89397-D730-450F-BC4D-05D07F954AB4}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [TCP Query User{A9F4F469-0278-45EC-9113-2EAC133D4060}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [{C92D8FBC-7558-41AC-A425-AD7D86AA7957}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{290C8602-5D8D-4181-BB83-E16DC27112AD}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{7FA04874-D8EA-4647-819B-8566CC1C0616}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{D03CE87D-D813-4F08-A594-0AC4E3241C88}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{AA78FC5B-7784-4466-9452-58926436AF02}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{400AB802-CD84-4AC7-AEAF-94652CE462E8}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84678429-9A96-4782-9C4B-054571C5309D}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{0602538A-2478-45C6-B64C-4BA33299FFA4}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{FB98DB5A-BC1E-4225-AA88-13714E4A8784}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{80E8E410-9AD7-4345-90DD-0630F36945C3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CAC972D7-0A86-4A53-9657-5B8A2B90F1CE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{43236745-BF1B-468F-BFDC-BD91970F98FE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{778C68A6-1442-43FF-93A8-E73AD15836AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E4A9D8EB-5D7F-4431-A723-1CD7E6EC85A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{66AA39F9-5C86-4B9E-BE6F-3346B1CB4426}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BD77CFC4-8BA0-43B3-8F69-301E284B0B15}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{9411AA1A-3A28-405D-82B8-3A11F81A4C17}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2017 02:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 54.0.1.6388, Zeitstempel: 0x5953d1f8
Name des fehlerhaften Moduls: xul.dll, Version: 54.0.1.6388, Zeitstempel: 0x5953d62e
Ausnahmecode: 0x80000003
Fehleroffset: 0x008a6bcb
ID des fehlerhaften Prozesses: 0x1464
Startzeit der fehlerhaften Anwendung: 0x01d326ec887cb7b1
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Berichtskennung: 8233c6b5-bd49-4f8b-a5ac-38e6e9344662
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/06/2017 10:50:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:44 AM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/06/2017 09:23:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_AppReadiness, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.447, Zeitstempel: 0xa329d3a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f775f
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0x01d326e0c4fc2fe3
Pfad der fehlerhaften Anwendung: c:\windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9055d150-675c-4638-bbc9-a2d7c4936166
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 10:37:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/05/2017 08:51:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/05/2017 08:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Name des fehlerhaften Moduls: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f6af9
ID des fehlerhaften Prozesses: 0x11fc
Startzeit der fehlerhaften Anwendung: 0x01d326700a327637
Pfad der fehlerhaften Anwendung: D:\Need for Speed Underground 2\SPEED2.EXE
Pfad des fehlerhaften Moduls: D:\Need for Speed Underground 2\SPEED2.EXE
Berichtskennung: 9536c610-0bc1-470a-9648-6dfb713ff63f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 06:23:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/05/2017 06:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.


Systemfehler:
=============
Error: (09/07/2017 09:06:53 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2017 09:06:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/07/2017 08:58:18 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2017 08:58:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/07/2017 08:57:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2017 08:57:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SynTPEnh Caller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2017 08:57:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) HD Graphics Control Panel Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/06/2017 10:50:38 AM) (Source: DCOM) (EventID: 10010) (User: BLACKHARMONICS)
Description: Der Server "windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/06/2017 09:23:24 AM) (Source: DCOM) (EventID: 10001) (User: BLACKHARMONICS)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaUI als Nicht verfügbar/Nicht verfügbar. Fehler:
"15616"
Aufgetreten beim Start dieses Befehls:
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

Error: (09/06/2017 09:23:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "App-Vorbereitung" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3960.25 MB
Verfügbarer physikalischer RAM: 2137.44 MB
Summe virtueller Speicher: 4664.25 MB
Verfügbarer virtueller Speicher: 2781.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:98.96 GB) (Free:76.54 GB) NTFS
Drive d: (VOLUME) (Fixed) (Total:22.34 GB) (Free:19.49 GB) FAT32
Drive e: (Volume) (Fixed) (Total:365.76 GB) (Free:322.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 2ADC09CE)

Partition: GPT.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 2ADC09C7)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 07.09.2017, 09:40

Servus,

wegen eines Bugs in AdwCleaner hat das Programm die CHR-Erweiterung nicht erkannt. Wir versuchen es jetzt mit FRST.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2

Deinstalliere Google Chrome über die Systemsteuerung. (Bebilderte Anleitung)
Setze bei der Deinstallation auch einen Haken vor Auch die Browserdaten löschen (oder so ähnlich).
Starte den Rechner im Anschluss neu auf.
Installiere Google Chrome neu (falls benötigt). Keine Erweiterungen/Plugins installieren und nicht mit einem evtl. vorhandenen Konto verbinden/synchronisieren.

Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:regfind
ReiEngine
REI_AxControl
Reimage
ParetoLogic
fhhlffidbdcekjjclelmafdgfpekkgeh
www1.online

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

BlackOnyx · 07.09.2017, 09:52

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von hoppe (07-09-2017 10:47:21) Run:1
Gestartet von C:\Users\hoppe\Desktop\Repair
Geladene Profile: hoppe (Verfügbare Profile: defaultuser0 & hoppe)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
C:\Users\hoppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhhlffidbdcekjjclelmafdgfpekkgeh => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19219907 B
Java, Flash, Steam htmlcache => 14857727 B
Windows/system/drivers => 5009 B
Edge => 35439346 B
Chrome => 10128036 B
Firefox => 64975189 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 10156 B
LocalService => 4082 B
NetworkService => 0 B
defaultuser0 => 0 B
hoppe => 19966348 B

RecycleBin => 0 B
EmptyTemp: => 163.3 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:47:52 ====

M-K-D-B · 07.09.2017, 09:55

Ok, gut gemacht.

Und weiter.

BlackOnyx · 07.09.2017, 09:56

Ja, musste halt neustarten xD bin dabei :P

M-K-D-B · 07.09.2017, 10:01

Zitat:

Zitat von BlackOnyx

Ja, musste halt neustarten xD bin dabei :P

Ich weiß. Kein Stress.

BlackOnyx · 07.09.2017, 10:08

Vielen Dank noch einmal, dass du dir die Zeit dafür nimmst.

Ist ja echt nicht selbstverständlich.
Aber der SystemLook Scan dauert

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 10:58 on 07/09/2017 by hoppe
Administrator - Elevation successful

========== regfind ==========

Searching for "ReiEngine"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}]
@="IReiEngine"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}]
@="_IReiEngineEvents"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}]
@="IReiEngine"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}]
@="_IReiEngineEvents"

Searching for "REI_AxControl"
No data found.

Searching for "Reimage"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"50"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{081FD248-ADB4-4B64-A993-784789926ED5}]
@="IStoreImage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{081FD248-ADB4-4B64-A993-784789926ED5}]
@="IStoreImage"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"Name"="Reimage.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Services.Store.StoreImage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\CLSID\{e6d42ef8-6742-35a5-b9b5-68b752305e6e}]
"ActivatableClassId"="Windows.Services.Store.StoreImage"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\safemon\DownloadHistory]
"-1762784218"="C:\Users\hoppe\Downloads\ReimageRepair.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\safemon\DownloadHistory]
"-1761954125"="C:\Users\hoppe\Downloads\ReImage_Plus_PC_Repair_Crack_Plus_Serial_Key.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Services.Store.StoreImage]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{267b74da-489f-3f99-8631-6c729af7ee10}]
"ActivatableClassId"="Windows.Services.Store.StoreImage"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\WindowsRuntime\CLSID\{79f14f2a-ee09-35ad-a6e1-ae0605a37ad1}]
"ActivatableClassId"="Windows.Services.Store.StoreImage"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\Interface\{081FD248-ADB4-4B64-A993-784789926ED5}]
@="IStoreImage"
[HKEY_USERS\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"50"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair\Reimage Repair.lnk C:\Program Files\Reimage\Reimage Repair\ReimageRepair.exe"

Searching for "ParetoLogic"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"49"="C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\360Safe\safemon\DownloadHistory]
"-1764018875"="C:\Users\hoppe\Downloads\ParetoLogic PC Health Advisor_de.exe"
[HKEY_USERS\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"49"="C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic\PC Health Advisor\ParetoLogic PC Health Advisor.lnk C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe"

Searching for "fhhlffidbdcekjjclelmafdgfpekkgeh"
No data found.

Searching for "www1.online"
No data found.

-= EOF =-

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von hoppe (Administrator) auf BLACKHARMONICS (07-09-2017 11:06:01)
Gestartet von C:\Users\hoppe\Desktop\Repair
Geladene Profile: hoppe (Verfügbare Profile: defaultuser0 & hoppe)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHActiveDefense.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHWatchdog.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(QIHU 360 SOFTWARE CO. LIMITED) D:\360\Total Security\safemon\QHSafeTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [QHSafeTray] => D:\360\Total Security\safemon\360Tray.exe [345000 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2174b39f-ac77-42cd-90ec-3f3c64d2b6a5}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{984abe61-1578-488e-87cb-455ffc6824f6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = 
SearchScopes: HKU\S-1-5-21-2502170952-984855085-4023997487-1001 -> DefaultScope {F39B74E7-D674-4EC5-9B33-5169AACAE37B} URL = 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-01] (Oracle Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.2.0.0_neutral__c1wakc4j0nefm [2017-07-17]

FireFox:
========
FF DefaultProfile: r8cprlvn.default
FF ProfilePath: C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default [2017-09-07]
FF Extension: (GMX MailCheck) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\toolbar@gmx.net [2017-09-05]
FF Extension: (Adblock Plus) - C:\Users\hoppe\AppData\Roaming\Mozilla\Firefox\Profiles\r8cprlvn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-14]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-01] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\VLC\npvlc.dll [2016-06-01] (VideoLAN)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3815712 2016-04-07] (INCA Internet Co., Ltd.)
R2 QHActiveDefense; D:\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-17] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [183800 2017-04-21] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-09-15] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-08-11] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-08-11] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-04-21] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [432120 2017-06-09] (360.cn)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199160 2017-06-09] (360.cn)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-04] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-04] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-07] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-07] (Malwarebytes)
S3 MotioninJoyXFilter; C:\WINDOWS\System32\drivers\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [Datei ist nicht signiert]
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2017-03-18] (Intel Corporation)
S3 pwftap; C:\WINDOWS\System32\drivers\pwftap.sys [36736 2016-12-13] (The OpenVPN Project)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-07 10:58 - 2017-09-07 11:05 - 000007124 _____ C:\Users\hoppe\Downloads\SystemLook.txt
2017-09-07 10:57 - 2017-09-07 10:57 - 000165376 _____ C:\Users\hoppe\Downloads\SystemLook_x64.exe
2017-09-07 09:17 - 2017-09-07 10:47 - 000000000 ___RD C:\Users\hoppe\Desktop\Repair
2017-09-07 09:02 - 2017-09-07 10:54 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-07 09:02 - 2017-09-07 10:54 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-07 09:02 - 2017-09-07 10:54 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-07 09:02 - 2017-09-07 10:54 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-07 09:02 - 2017-09-07 09:02 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-07 09:02 - 2017-09-07 09:02 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-07 09:02 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-07 08:54 - 2017-09-07 08:57 - 000000000 ____D C:\AdwCleaner
2017-09-07 08:53 - 2017-09-07 08:54 - 066347240 _____ (Malwarebytes ) C:\Users\hoppe\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-06 12:03 - 2017-09-06 12:16 - 000520986 _____ C:\TDSSKiller.3.1.0.15_06.09.2017_12.03.10_log.txt
2017-09-06 11:46 - 2017-09-07 11:06 - 000000000 ____D C:\FRST
2017-09-06 11:14 - 2017-09-06 11:14 - 001130328 _____ (Google Inc.) C:\Users\hoppe\Downloads\ChromeSetup.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 007178424 _____ (VS Revo Group ) C:\Users\hoppe\Downloads\revosetup_v2.0.3.exe
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-09-06 11:11 - 2017-09-06 11:11 - 000000000 ____D C:\Program Files\VS Revo Group
2017-09-05 20:48 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-05 20:48 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-05 20:48 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-09-05 20:48 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-05 20:48 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-05 20:48 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-05 20:48 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-05 20:48 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-09-05 20:48 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-05 20:48 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-09-05 20:48 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-09-05 20:48 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-05 20:48 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-05 20:48 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-09-05 20:48 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-09-05 20:48 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-09-05 20:48 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-05 20:48 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-09-05 20:48 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-09-05 20:48 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-05 20:48 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-09-05 20:48 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-09-05 20:48 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-09-05 20:48 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-05 20:48 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-09-05 20:48 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-09-05 20:48 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-05 20:48 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-05 20:48 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-05 20:48 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-09-05 20:48 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-05 20:48 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-09-05 20:48 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-09-05 20:47 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-05 20:47 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-09-05 20:47 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-09-05 20:47 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-05 20:47 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-05 20:47 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-05 20:47 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-05 20:47 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-09-05 20:47 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-05 20:47 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-05 20:47 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-09-05 20:47 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-05 20:47 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-09-05 20:47 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-09-05 20:47 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-09-05 20:47 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-05 20:47 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-05 20:47 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-05 20:47 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-09-05 20:47 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-05 20:47 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-09-05 20:47 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-05 20:47 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-05 20:47 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-05 20:47 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-05 20:47 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-09-05 20:47 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-09-05 20:47 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-09-05 20:47 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-09-05 20:47 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-05 20:47 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-09-05 20:47 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-05 20:47 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-09-05 20:47 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-09-05 20:47 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-09-05 20:47 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-09-05 20:47 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-09-05 20:47 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-09-05 20:47 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-05 20:47 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-09-05 20:47 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-09-05 20:47 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-09-05 20:47 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-09-05 20:47 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-09-05 20:47 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-09-05 20:47 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-09-05 20:47 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-09-05 20:47 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-09-05 20:47 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-09-05 20:47 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-05 20:47 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-09-05 20:47 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-09-05 20:47 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-09-05 20:47 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-05 20:47 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-09-05 20:47 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-09-05 20:47 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-09-05 20:47 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-05 20:47 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-09-05 20:47 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-09-05 20:47 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-05 20:47 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-09-05 20:47 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-09-05 20:47 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-05 20:47 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-09-05 20:47 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-09-05 20:47 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-09-05 20:47 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-09-05 20:47 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-09-05 20:47 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-09-05 20:47 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-09-05 20:47 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-09-05 20:47 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-09-05 20:47 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-09-05 20:47 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-09-05 20:46 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-09-05 20:46 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-05 20:46 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-09-05 20:46 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-05 20:46 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-09-05 20:46 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-09-05 20:46 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-05 20:46 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-05 20:46 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-05 20:46 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-05 20:46 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-09-05 20:46 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-05 20:46 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-09-05 20:46 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-05 20:46 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-09-05 20:46 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-09-05 20:46 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-05 20:46 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-09-05 20:46 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-09-05 20:46 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-09-05 20:46 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-05 20:46 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-09-05 20:46 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-09-05 20:46 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-09-05 20:46 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-09-05 20:46 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-09-05 20:46 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-09-05 20:46 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-09-05 20:46 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-09-05 20:46 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-05 20:46 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-05 20:46 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-09-05 20:46 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-09-05 20:46 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-05 20:46 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-09-05 20:46 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-09-05 20:46 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-09-05 20:46 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-09-05 20:46 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-09-05 20:46 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-05 20:46 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-05 20:46 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-09-05 20:46 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-05 20:46 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-09-05 20:46 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-09-05 20:46 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-09-05 20:46 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-09-05 20:46 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-09-05 20:46 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-05 20:46 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-05 20:46 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-05 20:46 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-09-05 20:46 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-09-05 20:46 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-05 20:46 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-09-05 20:46 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-09-05 20:46 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-05 20:46 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-05 20:46 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-09-05 20:46 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-09-05 20:46 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-09-05 20:46 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-09-05 20:46 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-09-05 20:46 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-09-05 20:46 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-09-05 20:46 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-09-05 19:54 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Local\Disc_Soft_Ltd
2017-09-05 19:52 - 2017-09-05 19:52 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-09-05 19:50 - 2017-09-05 19:50 - 000000000 ____D C:\ProgramData\DAEMON Tools Ultra
2017-09-05 15:26 - 2017-09-05 18:18 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-09-05 15:25 - 2017-09-06 09:20 - 000266304 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-05 15:24 - 2017-09-05 18:24 - 000000000 ____D C:\WINDOWS\pss
2017-09-05 14:42 - 2017-09-07 08:57 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-04 22:41 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-09-04 22:41 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-09-04 22:41 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-09-04 20:12 - 2017-09-06 09:49 - 000000000 ____D C:\Users\hoppe\AppData\Local\NFS Underground 2
2017-09-04 20:08 - 2017-09-04 20:08 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2017-09-04 20:07 - 2017-09-05 19:54 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\DAEMON Tools Lite
2017-09-04 20:07 - 2017-09-04 20:07 - 000047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2017-09-04 20:07 - 2017-09-04 20:07 - 000030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-04 18:23 - 2017-09-04 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-02 17:08 - 2017-09-02 17:08 - 000000000 ____D C:\Users\hoppe\AppData\Local\Steam
2017-08-15 18:27 - 2017-08-15 19:05 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\discord
2017-08-15 18:27 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\SquirrelTemp
2017-08-15 18:26 - 2017-08-15 18:27 - 000000000 ____D C:\Users\hoppe\AppData\Local\Discord
2017-08-15 08:56 - 2017-08-15 08:56 - 000000000 ____D C:\Users\hoppe\AppData\Local\Pokemon Insurgence
2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession
2017-08-14 16:48 - 2017-08-14 16:48 - 000000000 ____D C:\Users\hoppe\AppData\Local\InsurgenceLauncher
2017-08-08 19:47 - 2017-09-04 22:57 - 000003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-07 11:06 - 2016-08-09 20:44 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\360WD
2017-09-07 11:01 - 2017-07-17 08:39 - 002246850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-07 11:01 - 2017-03-20 06:35 - 001019000 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-07 11:01 - 2017-03-20 06:35 - 000222692 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-07 10:54 - 2017-07-17 08:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-07 10:54 - 2016-08-09 21:06 - 000000000 __SHD C:\Users\hoppe\IntelGraphicsProfiles
2017-09-07 10:53 - 2017-03-18 13:40 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2017-09-07 10:53 - 2016-08-09 20:37 - 000000000 ____D C:\Users\hoppe\AppData\Local\Google
2017-09-07 10:53 - 2016-08-09 20:36 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-07 10:52 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-07 10:48 - 2017-07-17 08:26 - 000000000 ____D C:\Users\hoppe
2017-09-07 08:58 - 2017-01-02 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-07 08:53 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-07 03:04 - 2017-07-17 08:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-06 15:02 - 2017-01-02 22:34 - 000000000 ____D C:\Users\hoppe\AppData\LocalLow\Mozilla
2017-09-06 15:02 - 2017-01-02 19:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-06 14:28 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 09:23 - 2016-08-09 20:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-05 23:22 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-05 23:19 - 2016-08-09 23:57 - 000046592 _____ C:\Users\hoppe\Desktop\Animeliste.xls
2017-09-05 20:54 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-05 20:51 - 2016-08-09 22:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-05 20:49 - 2016-08-09 22:40 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-05 18:32 - 2016-08-09 21:29 - 000000000 ___RD C:\Users\hoppe\Desktop\Stuff
2017-09-05 17:49 - 2017-05-31 21:24 - 000000000 ____D C:\download
2017-09-05 14:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-04 23:00 - 2016-09-27 22:56 - 000000000 ____D C:\ProgramData\360Quarant
2017-09-04 22:58 - 2017-05-31 21:24 - 000000000 __SHD C:\$360Section
2017-09-04 22:57 - 2017-07-18 11:51 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-04 22:57 - 2017-07-16 15:01 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-17 17:07 - 2016-09-28 13:52 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\.minecraft
2017-08-17 16:08 - 2016-08-10 12:44 - 000000000 ____D C:\Users\hoppe\AppData\Roaming\vlc
2017-08-16 07:31 - 2017-07-14 07:40 - 000000544 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-08-16 07:31 - 2016-08-09 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-08-11 11:41 - 2016-09-12 11:40 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-08-11 11:41 - 2016-08-09 20:44 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2017-08-08 19:47 - 2017-07-18 11:50 - 000000000 ____D C:\Users\hoppe\AppData\Local\Adobe
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-08 19:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-08-14 16:48 - 2017-08-15 14:49 - 000000444 _____ () C:\Users\hoppe\AppData\Roaming\CSharpAnalytics-MeasurementSession

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-03 11:23

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von hoppe (07-09-2017 11:07:20)
Gestartet von C:\Users\hoppe\Desktop\Repair
Windows 10 Home Version 1703 (X64) (2017-07-17 06:44:04)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2502170952-984855085-4023997487-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2502170952-984855085-4023997487-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2502170952-984855085-4023997487-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-2502170952-984855085-4023997487-501 - Limited - Disabled)
hoppe (S-1-5-21-2502170952-984855085-4023997487-1001 - Administrator - Enabled) => C:\Users\hoppe

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.2.0.1124 - 360 Security Center)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
AutoREALM Version 2.2.1 (HKLM-x32\...\AutoREALM_is1) (Version:  - )
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version:  - Cheat Engine)
Discord (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 5.0 - Dolphin Team)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2502170952-984855085-4023997487-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Project64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\hoppe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2502170952-984855085-4023997487-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => D:\360\Total Security\MenuEx64.dll [2017-08-11] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Winrar\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {7989CFF0-F2ED-4D6F-99A5-1D2F597CD98E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {8892460A-715A-4706-B9D5-B213DB997992} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-08] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-07 09:02 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000099240 _____ () D:\360\Total Security\deepscan\qutmload.dll
2017-07-17 16:25 - 2017-08-11 11:41 - 000499296 _____ () D:\360\Total Security\safemon\wdui2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2502170952-984855085-4023997487-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hoppe\OneDrive\Bilder\Creepy\fcba139e5064c8e11cce742d2ed429bf.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "331BigDog"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{BC01A7B5-58D0-4687-AFED-8EDB29F60059}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{1604BF30-2566-40AD-BDE5-51234939D246}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [UDP Query User{6CD42DFF-4D14-4EC4-9E45-6463479EBEEF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{5B818941-119F-46E8-A544-D90F41ABE117}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{9254EEC0-5926-4300-8099-20D16A8E3A8F}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{710F6A93-287E-48EC-AF70-70569C2C0BDF}] => (Allow) C:\Users\hoppe\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{D8B21F6A-617F-4225-A7A6-95880AFA55A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1394769F-C173-4B13-8343-436E5F71A435}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B333C503-9176-4CD9-956B-90381CEB9EC7}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{5B575C8D-9AA8-4CDE-AEBD-70674FA2E1EA}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{0FBEEF90-4E3B-43D7-9F34-9DAC6FFDC941}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{7FF923A6-B411-413C-8335-16811F40A45D}D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{927E6533-27EA-44C3-AB6C-A124D3CF61F0}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{F19F6019-320C-477A-AAE9-18DB2AA9784D}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{6B8C4024-B119-4B73-8551-D78A52254403}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D7251173-B444-46BD-9685-6C639ED829AE}] => (Allow) C:\Users\hoppe\360\Total Security\LiveUpdate360.exe
FirewallRules: [UDP Query User{F0D89397-D730-450F-BC4D-05D07F954AB4}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [TCP Query User{A9F4F469-0278-45EC-9113-2EAC133D4060}D:\vlc\vlc.exe] => (Block) D:\vlc\vlc.exe
FirewallRules: [{C92D8FBC-7558-41AC-A425-AD7D86AA7957}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{290C8602-5D8D-4181-BB83-E16DC27112AD}] => (Allow) C:\Users\hoppe\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{7FA04874-D8EA-4647-819B-8566CC1C0616}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{D03CE87D-D813-4F08-A594-0AC4E3241C88}] => (Allow) D:\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{AA78FC5B-7784-4466-9452-58926436AF02}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{400AB802-CD84-4AC7-AEAF-94652CE462E8}] => (Allow) D:\360\Total Security\LiveUpdate360.exe
FirewallRules: [{84678429-9A96-4782-9C4B-054571C5309D}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{0602538A-2478-45C6-B64C-4BA33299FFA4}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{FB98DB5A-BC1E-4225-AA88-13714E4A8784}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{80E8E410-9AD7-4345-90DD-0630F36945C3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{CAC972D7-0A86-4A53-9657-5B8A2B90F1CE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{43236745-BF1B-468F-BFDC-BD91970F98FE}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{778C68A6-1442-43FF-93A8-E73AD15836AD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E4A9D8EB-5D7F-4431-A723-1CD7E6EC85A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{66AA39F9-5C86-4B9E-BE6F-3346B1CB4426}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C2966E21-DF73-4205-8EC6-1EE71D7B12A5}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{78B579C6-9623-4F1C-A3D1-ADC01E3CAA2B}] => (Allow) D:\360\Total Security\safemon\QHSafeTray.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2017 02:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 54.0.1.6388, Zeitstempel: 0x5953d1f8
Name des fehlerhaften Moduls: xul.dll, Version: 54.0.1.6388, Zeitstempel: 0x5953d62e
Ausnahmecode: 0x80000003
Fehleroffset: 0x008a6bcb
ID des fehlerhaften Prozesses: 0x1464
Startzeit der fehlerhaften Anwendung: 0x01d326ec887cb7b1
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll
Berichtskennung: 8233c6b5-bd49-4f8b-a5ac-38e6e9344662
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/06/2017 10:50:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:44 AM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/06/2017 09:23:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKHARMONICS)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2017 09:23:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_AppReadiness, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.447, Zeitstempel: 0xa329d3a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f775f
ID des fehlerhaften Prozesses: 0xdd4
Startzeit der fehlerhaften Anwendung: 0x01d326e0c4fc2fe3
Pfad der fehlerhaften Anwendung: c:\windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 9055d150-675c-4638-bbc9-a2d7c4936166
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 10:37:45 PM) (Source: MsiInstaller) (EventID: 11310) (User: BLACKHARMONICS)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\hoppe\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (09/05/2017 08:51:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/05/2017 08:08:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Name des fehlerhaften Moduls: SPEED2.EXE, Version: 0.0.0.0, Zeitstempel: 0x214d4c48
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002f6af9
ID des fehlerhaften Prozesses: 0x11fc
Startzeit der fehlerhaften Anwendung: 0x01d326700a327637
Pfad der fehlerhaften Anwendung: D:\Need for Speed Underground 2\SPEED2.EXE
Pfad des fehlerhaften Moduls: D:\Need for Speed Underground 2\SPEED2.EXE
Berichtskennung: 9536c610-0bc1-470a-9648-6dfb713ff63f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/05/2017 06:23:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/05/2017 06:21:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: BLACKHARMONICS)
Description: Das Paket „Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde beendet, da das Anhalten zu lange dauerte.


Systemfehler:
=============
Error: (09/07/2017 10:54:41 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2017 10:54:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/07/2017 10:48:46 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2017 10:48:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (09/07/2017 10:47:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2017 10:47:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/07/2017 10:47:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SynTPEnh Caller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2017 10:47:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) HD Graphics Control Panel Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2017 09:06:53 AM) (Source: DCOM) (EventID: 10016) (User: BLACKHARMONICS)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "BLACKHARMONICS\hoppe" (SID: S-1-5-21-2502170952-984855085-4023997487-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
 und der APPID 
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2017 09:06:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.


CodeIntegrity:
===================================
  Date: 2017-09-07 10:53:09.482
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-07 10:53:09.098
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-07 10:53:08.854
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3227U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 3960.25 MB
Verfügbarer physikalischer RAM: 2217.44 MB
Summe virtueller Speicher: 4664.25 MB
Verfügbarer virtueller Speicher: 2775.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:98.96 GB) (Free:77.12 GB) NTFS
Drive d: (VOLUME) (Fixed) (Total:22.34 GB) (Free:19.49 GB) FAT32
Drive e: (Volume) (Fixed) (Total:365.76 GB) (Free:322.2 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 22.4 GB) (Disk ID: 2ADC09CE)

Partition: GPT.

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 2ADC09C7)

Partition: GPT.

==================== Ende von Addition.txt ============================

07.09.2017, 09:55	#12
M-K-D-B /// TB-Ausbilder	Bitte um Hilfe D: Hartnäckige Chrome Erweiterung mit unbekanntem Ausmaß Ok, gut gemacht. Und weiter.

Bitte um Hilfe D: Hartnäckige Chrome Erweiterung mit unbekanntem Ausmaß

Plagegeister aller Art und deren Bekämpfung: Bitte um Hilfe D: Hartnäckige Chrome Erweiterung mit unbekanntem Ausmaß