Zurück   Trojaner-Board > Web/PC > Alles rund um Windows
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


Alles rund um Windows: Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 26.05.2018, 10:53   #1
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Problem: Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


Hallo zusammen,

ich hoffe jemand kann mir helfen. Meine Lebensgefährtin und ich nutzen gemeinsam den PC (unterschiedliche ACC). Hauptsächlich nutze ich mein Dienstlaptop und habe nun mit erschrecken festgestellt, dass meine Partnerin ohne Virenschutz unterwegs ist bzw. war.
Jetzt ist mir aufgefallen, dass der PC extrem langsam bootet (ca. 5 Minuten), bis der Bildschrim nicht mehr schwarz ist. Passworteingabe für die unterschiedlichen ACC sind problemlos möglich, aber dann wird es sehr langsam.

Eine Additional.txt konnte ich leider nicht erstellen, da FRST64 direkt nach der Erstellung der FRST hängen bleibt.


FRST:


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
durchgeführt von Menden (Administrator) auf DESKTOP-MLFPDC3 (26-05-2018 11:47:36)
Gestartet von D:\meine Daten\Desktop
Geladene Profile: Menden (Verfügbare Profile: Menden & Vivien)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-05] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-30] (ESET)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-03-11] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [BingSvc] => C:\Users\Menden\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Spotify] => C:\Users\Menden\AppData\Roaming\Spotify\Spotify.exe [21070224 2017-12-28] (Spotify Ltd)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Spotify Web Helper] => C:\Users\Menden\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-28] (Spotify Ltd)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [AusweisApp2] => C:\Program Files (x86)\AusweisApp2 1.14.1\AusweisApp2.exe [872088 2018-03-22] (Governikus GmbH & Co. KG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{05faad28-77db-48ae-ba30-dd9642e6615a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2b8d6aa2-479d-470c-8a80-94459ed711ad}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-16] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-28] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rkryd0qn.default
FF ProfilePath: C:\Users\Menden\AppData\Roaming\Mozilla\Firefox\Profiles\rkryd0qn.default [2018-05-10]
FF Homepage: Mozilla\Firefox\Profiles\rkryd0qn.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=de-de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-04-27] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-30] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-30] (ESET)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [280032 2017-11-29] (Realtek Semiconductor Corp.)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-30] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-07] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [137928 2018-02-14] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [110432 2018-01-08] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-01-05] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196112 2018-01-08] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50136 2018-01-08] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82816 2018-01-08] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [108320 2018-01-08] (ESET)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [757216 2017-11-29] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7959408 2017-11-21] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Vielen Dank für die Unterstützung.

Gruß
Dennis

Alt 26.05.2018, 22:03   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) Anleitung / Hilfe


Zitat:
dass meine Partnerin ohne Virenschutz unterwegs ist bzw. war.
Das ist leider Quatsch. Denn 1. hat Windows 10 bereits einen eingebauen Virenscanner und 2. taucht im Logfile was von ESET auf.

Zeig uns mal die SMART-Werte. Wie das geht wird da erklärt --> Zustand der Festplatte herausfinden - so gehts - Anleitungen

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 27.05.2018, 05:50   #3
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) Details


Hallo Cosinus,

bei ESET ist mir aufgefallen, dass die Lizenz abgelaufen ist und meine Freundin sie nicht aktualisiert hat. Daher sind meine Sorgen entstanden.

Anbei die Smart-Werte:

Code:
ATTFilter
----------------------------------------------------------------------------
CrystalDiskInfo 7.6.0 (C) 2008-2018 hiyohiyo
                                Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 10  [10.0 Build 17134] (x64)
  Date : 2018/05/27 6:47:28

-- Controller Map ----------------------------------------------------------
 + Standardmäßiger SATA AHCI- Controller [ATA]
   - ADATA SP550
   - TOSHIBA DT01ACA100
   - TSSTcorp DVDWBD SN-406AB
 - Microsoft-Controller für Speicherplätze [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) ADATA SP550 : 240,0 GB [0/0/0, pd1] - m2
 (2) TOSHIBA DT01ACA100 : 1000,2 GB [1/0/0, pd1]

----------------------------------------------------------------------------
 (1) ADATA SP550
----------------------------------------------------------------------------
           Model : ADATA SP550
        Firmware : P0121AA
   Serial Number : 2G1620004603
       Disk Size : 240,0 GB (8,4/137,4/240,0/240,0)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 468862128
   Rotation Rate : ---- (SSD)
       Interface : Serial ATA
   Major Version : ACS-2
   Minor Version : ----
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 198 Std.
  Power On Count : 355 mal
      Host Reads : 2404 GB
     Host Writes : 2097 GB
     NAND Writes : 2697 GB
     Temperature : 26 C (78 F)
   Health Status : Gut (100 %)
        Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM, DevSleep
       APM Level : ----
       AAM Level : ----
    Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Lesefehlerrate (roh)
05 100 100 __0 000000000000 Wiederzugewiesene Sektoren
09 100 100 __0 0000000000C6 Betriebsstunden
0C 100 100 __0 000000000163 Geräte-Einschaltvorgänge
A0 100 100 __0 000000000000 Uncorrectable Sector Count
A1 100 100 __0 000000000029 Valid Spare Blocks
A3 100 100 __0 0000000000C1 Initial Invalid Blocks
94 100 100 __0 00000000D79F Total SLC Erase Count
95 100 100 __0 000000000336 Maximum SLC Erase Count
96 100 100 __0 000000000275 Minimum SLC Erase Count
97 100 100 __0 00000000031F Average SLC Erase Count
A4 100 100 __0 000000003917 Total TLC Erase Count
A5 100 100 __0 000000000042 Maximum TLC Erase Count
A6 100 100 __0 000000000001 Minimum TLC Erase Count
A7 100 100 __0 00000000000B Average TLC Erase Count
A9 100 100 __1 000000000063 Percentage Lifetime Remaining
B5 100 100 __0 000000000000 Unausgerichtete Zugriffe
B6 100 100 __0 000000000000 Erase Fail Count
C0 100 100 __0 000000000015 Power-off Retract Count
C2 100 100 _70 22212125001A Temperatur
C7 100 100 __0 000000000000 UltraDMA-CRC-Fehler
E8 100 100 __0 000000000064 Available Reserved Space
F1 100 100 __0 00000001062A Total LBA Write
F2 100 100 __0 000000012C8A Schreibschutzfortschritt
F5 100 100 __0 00000001512F Gesamte NAND-Programmseiten
F6 100 100 __0 00000001AF3E Gelesene Host-Sektoren (gesamt)
F7 100 100 __0 000000000000 Host-Programmseiten

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3247 3136 3230 3030 3436 3033 2020 2020 2020 2020
020: 0000 0000 0000 5030 3132 3141 4120 4144 4154 4120
030: 5350 3535 3020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8002 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 9102
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D20
070: 0000 0000 0000 0000 0000 001F 870E 0086 014C 0040
080: 03F0 0000 746B 7501 4063 7469 B401 4063 207F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 44B0 1BF2 0000 0000 0000 0008 6003 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0100 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 4144
130: 4154 4120 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0200 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F9A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 00 00 64 64 00 00 00 00 00 00 00 05 00
010: 00 64 64 00 00 00 00 00 00 00 09 00 00 64 64 C6
020: 00 00 00 00 00 00 0C 00 00 64 64 63 01 00 00 00
030: 00 00 A0 00 00 64 64 00 00 00 00 00 00 00 A1 00
040: 00 64 64 29 00 00 00 00 00 00 A3 00 00 64 64 C1
050: 00 00 00 00 00 00 94 00 00 64 64 9F D7 00 00 00
060: 00 00 95 00 00 64 64 36 03 00 00 00 00 00 96 00
070: 00 64 64 75 02 00 00 00 00 00 97 00 00 64 64 1F
080: 03 00 00 00 00 00 A4 00 00 64 64 17 39 00 00 00
090: 00 00 A5 00 00 64 64 42 00 00 00 00 00 00 A6 00
0A0: 00 64 64 01 00 00 00 00 00 00 A7 00 00 64 64 0B
0B0: 00 00 00 00 00 00 A9 00 00 64 64 63 00 00 00 00
0C0: 00 00 B5 00 00 64 64 00 00 00 00 00 00 00 B6 00
0D0: 00 64 64 00 00 00 00 00 00 00 C0 00 00 64 64 15
0E0: 00 00 00 00 00 00 C2 00 00 64 64 1A 00 25 21 21
0F0: 22 2A C7 00 00 64 64 00 00 00 00 00 00 00 E8 00
100: 00 64 64 64 00 00 00 00 00 00 F1 00 00 64 64 2A
110: 06 01 00 00 00 00 F2 00 00 64 64 8A 2C 01 00 00
120: 00 00 F5 00 00 64 64 2F 51 01 00 00 00 00 F6 00
130: 00 64 64 3E AF 01 00 00 00 00 F7 00 00 64 64 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 71
170: 02 00 01 00 01 02 01 00 00 00 00 00 00 00 00 00
180: 00 00 50 30 31 32 31 41 41 20 00 00 00 00 00 00
190: 53 4D 32 32 35 36 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5B

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 00 00 00 00 00 00 00 00 00 00 00 05 00
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 A0 00 00 00 00 00 00 00 00 00 00 00 A1 00
040: 00 00 00 00 00 00 00 00 00 00 A3 00 00 00 00 00
050: 00 00 00 00 00 00 94 00 00 00 00 00 00 00 00 00
060: 00 00 95 00 00 00 00 00 00 00 00 00 00 00 96 00
070: 00 00 00 00 00 00 00 00 00 00 97 00 00 00 00 00
080: 00 00 00 00 00 00 A4 00 00 00 00 00 00 00 00 00
090: 00 00 A5 00 00 00 00 00 00 00 00 00 00 00 A6 00
0A0: 00 00 00 00 00 00 00 00 00 00 A7 00 00 00 00 00
0B0: 00 00 00 00 00 00 A9 01 00 00 00 00 00 00 00 00
0C0: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0E0: 00 00 00 00 00 00 C2 46 00 00 00 1A 00 25 21 21
0F0: 22 28 C7 00 00 00 00 00 00 00 00 00 00 00 E8 00
100: 00 00 00 00 00 00 00 00 00 00 F1 00 00 00 00 00
110: 00 00 00 00 00 00 F2 00 00 00 00 00 00 00 00 00
120: 00 00 F5 00 00 00 00 00 00 00 00 00 00 00 F6 00
130: 00 00 00 00 00 00 00 00 00 00 F7 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F8

----------------------------------------------------------------------------
 (2) TOSHIBA DT01ACA100
----------------------------------------------------------------------------
           Model : TOSHIBA DT01ACA100
        Firmware : MS2OA7L0
   Serial Number : 14AASW7NS
       Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
     Buffer Size : 23652 KB
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : 7200 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ATA8-ACS version 4
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 3593 Std.
  Power On Count : 910 mal
     Temperature : 28 C (82 F)
   Health Status : Gut
        Features : S.M.A.R.T., APM, 48bit LBA, NCQ
       APM Level : 0000h [OFF]
       AAM Level : ----
    Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _16 000000000000 Lesefehlerrate
02 142 142 _54 000000000046 Datendurchsatz-Leistung
03 127 127 _24 000300B400B4 Mittlere Anlaufzeit
04 100 100 __0 000000000D10 Start/Stopp-Zyklen der Spindel
05 100 100 __5 000000000000 Wiederzugewiesene Sektoren
07 100 100 _67 000000000000 Suchfehler
08 113 113 _20 000000000023 Güte der Suchoperationen
09 100 100 __0 000000000E09 Betriebsstunden
0A 100 100 _60 000000000000 Misslungene Spindelanläufe
0C 100 100 __0 00000000038E Geräte-Einschaltvorgänge
C0 _98 _98 __0 000000000D19 Ausschaltungsabbrüche
C1 _98 _98 __0 000000000D19 Laden/Entladen-Zyklen
C2 214 214 __0 002A000F001C Temperatur
C4 100 100 __0 000000000000 Wiederzuweisungsereignisse
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 045A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2031 3441 4153 5737 4E53
020: 0003 B8C8 0038 4D53 324F 4137 4C30 544F 5348 4942
030: 4120 4454 3031 4143 4131 3030 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0006 005E 0040
080: 01FC 0029 746B 7D69 4773 7469 BC41 4763 207F 0050
090: 0000 0000 FFFE 0000 0000 0008 00CA 00F9 2710 0000
100: 6DB0 7470 0000 0000 00CA 0000 6003 5A87 5000 039F
110: F7E1 145B 0000 0000 0000 0000 0000 0000 0000 409C
120: 409C 0000 0000 0000 0000 0000 0000 0000 0009 000B
130: 0000 0000 2180 0DF1 FA20 0001 4000 2804 0121 0000
140: 0000 0707 0708 0000 0000 0000 0000 0000 0000 0000
150: 0000 0005 3253 4237 0000 6802 0000 5DBD 7BC8 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 03E0 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E9A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 8E 8E 46 00 00 00 00 00 00 03 07 00 7F 7F B4
020: 00 B4 00 03 00 00 04 12 00 64 64 10 0D 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 71 71 23
050: 00 00 00 00 00 00 09 12 00 64 64 09 0E 00 00 00
060: 00 00 0A 13 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 8E 03 00 00 00 00 00 C0 32 00 62 62 19
080: 0D 00 00 00 00 00 C1 12 00 62 62 19 0D 00 00 00
090: 00 00 C2 02 00 D6 D6 1C 00 0F 00 2A 00 00 C4 32
0A0: 00 64 64 00 00 00 00 00 00 00 C5 22 00 64 64 00
0B0: 00 00 00 00 00 00 C6 08 00 64 64 00 00 00 00 00
0C0: 00 00 C7 0A 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 60 1C 01 5B
170: 03 00 01 00 01 79 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 47

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 10 00 00 00 00 00 00 00 00 00 00 02 36
010: 00 00 00 00 00 00 00 00 00 00 03 18 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 14 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 64
__________________
Alt 27.05.2018, 19:32   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Lösung: Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


Ja dann deinstalliere ESET! Was willst du denn mit einer eh schon zweifelhaften Suite v.a. wenn die abgelaufen ist??

Platten sind ok. Nach der Deinstallation von ESET bitte neue FRS-Logs erstellen und posten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.05.2018, 06:46   #5
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Wie Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


So, anbei die aktuellen Logs:

FRST:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
durchgeführt von Menden (Administrator) auf DESKTOP-MLFPDC3 (28-05-2018 07:43:12)
Gestartet von D:\meine Daten\Desktop
Geladene Profile: Menden (Verfügbare Profile: Menden & Vivien)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1429248 2016-05-05] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-03-11] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [202280 2015-09-29] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [BingSvc] => C:\Users\Menden\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Spotify] => C:\Users\Menden\AppData\Roaming\Spotify\Spotify.exe [21070224 2017-12-28] (Spotify Ltd)
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Run: [Spotify Web Helper] => C:\Users\Menden\AppData\Roaming\Spotify\SpotifyWebHelper.exe [780688 2017-12-28] (Spotify Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{05faad28-77db-48ae-ba30-dd9642e6615a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2b8d6aa2-479d-470c-8a80-94459ed711ad}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-05-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-05-16] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-28] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-21] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: rkryd0qn.default
FF ProfilePath: C:\Users\Menden\AppData\Roaming\Mozilla\Firefox\Profiles\rkryd0qn.default [2018-05-28]
FF Homepage: Mozilla\Firefox\Profiles\rkryd0qn.default -> hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=de-de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-04-27] (Microsoft Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [66088 2016-03-03] (Haufe-Lexware GmbH & Co. KG)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [280032 2017-11-29] (Realtek Semiconductor Corp.)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe [4632736 2018-04-30] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe [104680 2018-04-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-07] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [757216 2017-11-29] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7959408 2017-11-21] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-04-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313888 2018-04-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-04-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-28 07:37 - 2018-05-28 07:37 - 000001091 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-05-28 07:37 - 2018-05-28 07:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-05-28 07:37 - 2018-05-28 07:37 - 000000000 ____D C:\Program Files\VS Revo Group
2018-05-27 06:46 - 2018-05-27 06:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-05-27 06:46 - 2018-05-27 06:46 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-05-26 12:39 - 2018-05-26 12:41 - 000000000 ____D C:\AdwCleaner
2018-05-26 11:45 - 2018-05-28 07:43 - 000000000 ____D C:\FRST
2018-05-26 11:24 - 2018-05-26 11:24 - 000000000 ____D C:\Users\Menden\AppData\Local\D3DSCache
2018-05-18 08:23 - 2018-05-18 08:23 - 000000020 ___SH C:\Users\Menden\ntuser.ini
2018-05-17 19:41 - 2018-05-17 19:41 - 000000000 ____D C:\Users\Vivien\AppData\Local\D3DSCache
2018-05-16 13:11 - 2018-05-17 19:46 - 000000000 ____D C:\Users\Vivien\AppData\Local\PlaceholderTileLogoFolder
2018-05-16 12:03 - 2018-05-16 12:05 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-16 12:02 - 2018-05-16 12:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-16 12:02 - 2018-05-16 12:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-16 12:01 - 2018-05-16 12:01 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-16 12:01 - 2018-05-16 12:01 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-05-16 12:01 - 2018-05-16 12:01 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-16 12:01 - 2018-05-16 12:01 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-16 12:01 - 2018-05-16 12:01 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-16 12:01 - 2018-05-16 12:01 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-16 12:01 - 2018-05-16 12:01 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-16 12:01 - 2018-05-16 12:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-05-16 12:00 - 2018-05-16 12:00 - 006350848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 005487616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-16 12:00 - 2018-05-16 12:00 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-16 12:00 - 2018-05-16 12:00 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-16 12:00 - 2018-05-16 12:00 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-16 12:00 - 2018-05-16 12:00 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-16 11:15 - 2018-05-28 07:40 - 001627820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-16 11:13 - 2018-05-16 11:13 - 000001417 _____ C:\Users\Vivien\Desktop\Microsoft Edge.lnk
2018-05-16 11:13 - 2018-05-16 11:13 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-16 11:11 - 2018-05-28 07:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-16 11:11 - 2018-05-17 19:47 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-05-16 11:11 - 2018-05-16 11:11 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-05-16 11:11 - 2018-05-16 11:11 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-05-16 11:11 - 2018-05-16 11:11 - 000003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-05-16 11:11 - 2018-05-16 11:11 - 000003332 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-05-16 11:11 - 2018-05-16 11:11 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-28883196-2242087079-1024213347-1002
2018-05-16 11:11 - 2018-05-16 11:11 - 000002852 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-28883196-2242087079-1024213347-1001
2018-05-16 11:11 - 2018-05-16 11:11 - 000002146 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-05-16 11:11 - 2018-05-16 11:11 - 000000020 ___SH C:\Users\Vivien\ntuser.ini
2018-05-16 11:10 - 2018-05-16 11:10 - 000000000 ____D C:\ProgramData\USOShared
2018-05-16 11:10 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-16 11:07 - 2018-05-28 07:35 - 000000000 ____D C:\Users\Menden
2018-05-16 11:07 - 2018-05-16 11:11 - 000000000 ____D C:\Users\Vivien
2018-05-16 11:07 - 2018-05-16 11:07 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Vorlagen
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Startmenü
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Netzwerkumgebung
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Lokale Einstellungen
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Eigene Dateien
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Druckumgebung
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\AppData\Local\Verlauf
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\AppData\Local\Anwendungsdaten
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Vivien\Anwendungsdaten
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Vorlagen
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Startmenü
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Netzwerkumgebung
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Lokale Einstellungen
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Eigene Dateien
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Druckumgebung
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\AppData\Local\Verlauf
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\AppData\Local\Anwendungsdaten
2018-05-16 11:07 - 2018-05-16 11:07 - 000000000 _SHDL C:\Users\Menden\Anwendungsdaten
2018-05-16 11:07 - 2018-04-12 01:34 - 000001105 _____ C:\Users\Vivien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-16 11:07 - 2018-04-12 01:34 - 000001105 _____ C:\Users\Menden\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-16 11:07 - 2016-10-07 15:48 - 000000000 ____D C:\Users\Vivien\Desktop\FRST-OlderVersion
2018-05-16 11:07 - 2016-08-22 18:04 - 000091283 _____ C:\Users\Vivien\Desktop\FRST.txt
2018-05-16 11:07 - 2016-08-22 18:04 - 000026068 _____ C:\Users\Vivien\Desktop\Addition.txt
2018-05-16 11:07 - 2016-08-22 18:01 - 011438608 _____ (SurfRight B.V.) C:\Users\Vivien\Desktop\HitmanPro_x64.exe
2018-05-16 11:07 - 2016-08-22 17:58 - 000002365 _____ C:\Users\Vivien\Desktop\Fixlog.txt
2018-05-16 11:07 - 2016-08-22 17:57 - 002396672 _____ (Farbar) C:\Users\Vivien\Desktop\FRST64.exe
2018-05-16 11:07 - 2016-08-21 14:44 - 000049649 _____ C:\Users\Vivien\Desktop\Shortcut.txt
2018-05-16 11:07 - 2016-08-21 14:43 - 001610560 _____ (Malwarebytes) C:\Users\Vivien\Desktop\JRT.exe
2018-05-16 11:07 - 2016-08-21 14:35 - 000001186 _____ C:\Users\Vivien\Desktop\mbam.txt
2018-05-16 11:07 - 2016-08-21 14:17 - 022851472 _____ (Malwarebytes ) C:\Users\Vivien\Desktop\mbam-setup-2.2.1.1043.exe
2018-05-16 11:07 - 2016-08-21 14:12 - 003784256 _____ C:\Users\Vivien\Desktop\AdwCleaner_6.000.exe
2018-05-16 11:07 - 2016-08-21 11:54 - 004747704 _____ (AO Kaspersky Lab) C:\Users\Vivien\Desktop\tdsskiller.exe
2018-05-16 11:06 - 2018-05-28 07:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-16 11:06 - 2018-05-16 11:08 - 000407368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-10 10:29 - 2018-05-10 10:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-05-09 20:12 - 2018-05-16 11:11 - 000000000 ___DC C:\WINDOWS\Panther

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-28 07:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-28 07:42 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-28 07:42 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-05-28 07:41 - 2017-01-17 19:39 - 000000000 ____D C:\Users\Menden\AppData\LocalLow\Mozilla
2018-05-28 07:40 - 2018-04-12 18:13 - 000704202 _____ C:\WINDOWS\system32\perfh007.dat
2018-05-28 07:40 - 2018-04-12 18:13 - 000141746 _____ C:\WINDOWS\system32\perfc007.dat
2018-05-28 07:40 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-05-27 17:48 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-27 10:32 - 2017-12-07 22:25 - 000000000 ____D C:\Users\Menden\AppData\Local\Packages
2018-05-27 10:32 - 2016-05-26 11:47 - 000000000 ____D C:\Users\Menden\AppData\Local\Publishers
2018-05-26 11:57 - 2016-05-26 18:56 - 000000000 ____D C:\Users\Menden\AppData\Local\PokerStars.EU
2018-05-26 11:57 - 2016-05-26 18:56 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
2018-05-26 11:22 - 2017-08-20 12:20 - 000000000 ____D C:\Users\Vivien\AppData\Local\ConnectedDevicesPlatform
2018-05-23 12:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-23 12:27 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-22 21:37 - 2017-12-07 22:25 - 000000000 ____D C:\Users\Vivien\AppData\Local\Packages
2018-05-22 21:36 - 2017-10-11 10:24 - 000000000 ____D C:\Users\Vivien\Desktop\Vivi
2018-05-18 08:35 - 2018-01-31 18:04 - 000002138 _____ C:\Users\Public\Desktop\TAXMAN 2018.lnk
2018-05-18 08:35 - 2016-09-03 11:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2018-05-18 08:27 - 2017-12-09 13:32 - 000000000 ___RD C:\Users\Menden\3D Objects
2018-05-18 08:27 - 2016-05-26 11:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-17 21:51 - 2018-01-16 16:24 - 000000000 ____D C:\Users\Vivien\Desktop\Mamikreisel
2018-05-17 20:56 - 2018-04-17 12:05 - 000000000 ____D C:\Users\Vivien\Desktop\Babypearls
2018-05-17 19:47 - 2016-05-26 13:55 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-16 12:05 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-16 12:05 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-05-16 12:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-16 12:05 - 2017-12-10 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-05-16 12:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-16 12:05 - 2017-09-16 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2018-05-16 12:05 - 2017-09-10 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD-Assistent für Problemberichte
2018-05-16 12:05 - 2017-09-10 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-05-16 12:05 - 2017-07-04 20:58 - 000000000 ____D C:\Program Files\AMD
2018-05-16 12:05 - 2017-06-18 21:19 - 000000000 ____D C:\Program Files\UNP
2018-05-16 12:05 - 2017-06-11 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2018-05-16 12:05 - 2017-06-11 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2018-05-16 12:05 - 2017-06-11 14:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-05-16 12:05 - 2016-08-23 21:01 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-05-16 12:05 - 2016-08-23 21:01 - 000000000 ____D C:\WINDOWS\system32\STRING
2018-05-16 12:05 - 2016-08-23 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series
2018-05-16 12:05 - 2016-08-23 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5400 series Manual
2018-05-16 12:05 - 2016-06-29 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-16 12:05 - 2016-05-26 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-16 12:05 - 2016-05-26 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-16 12:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-16 12:03 - 2017-07-04 20:58 - 000000000 ____D C:\Program Files\Realtek
2018-05-16 12:03 - 2017-07-04 20:58 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-05-16 12:03 - 2016-08-23 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-16 12:02 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-16 12:02 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-05-16 12:00 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\OCR
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-16 12:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-16 11:28 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-05-16 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-16 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-05-16 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-16 11:11 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-16 11:11 - 2017-11-30 22:39 - 000000000 ___RD C:\Users\Vivien\3D Objects
2018-05-16 11:10 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-16 11:09 - 2018-04-12 01:38 - 000000000 __RSD C:\WINDOWS\media
2018-05-16 11:09 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-16 11:09 - 2016-10-07 15:49 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-16 11:06 - 2017-07-04 20:58 - 000188565 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2018-05-16 11:06 - 2017-07-04 20:58 - 000006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2018-05-16 11:06 - 2017-07-04 20:58 - 000002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2018-05-16 11:06 - 2017-07-04 20:58 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-05-16 09:55 - 2017-09-16 20:57 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-05-15 19:21 - 2017-11-16 13:52 - 000000000 ____D C:\Users\Vivien\Desktop\Grace
2018-05-10 09:36 - 2016-05-26 11:48 - 000000000 ___RD C:\Users\Menden\OneDrive
2018-05-08 21:55 - 2016-05-26 11:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-08 21:54 - 2017-10-11 10:28 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 21:54 - 2016-05-26 11:58 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-06 18:44 - 2017-09-13 15:34 - 000000000 ____D C:\Users\Vivien\Desktop\Anschreiben
2018-05-01 23:22 - 2018-04-12 01:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 23:22 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-30 14:42 - 2018-03-02 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-16 11:06

==================== Ende von FRST.txt ============================

Additional:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
durchgeführt von Menden (28-05-2018 07:43:37)
Gestartet von D:\meine Daten\Desktop
Windows 10 Home Version 1803 17134.48 (X64) (2018-05-16 09:11:54)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-28883196-2242087079-1024213347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-28883196-2242087079-1024213347-503 - Limited - Disabled)
Gast (S-1-5-21-28883196-2242087079-1024213347-501 - Limited - Disabled)
Menden (S-1-5-21-28883196-2242087079-1024213347-1001 - Administrator - Enabled) => C:\Users\Menden
Vivien (S-1-5-21-28883196-2242087079-1024213347-1002 - Limited - Enabled) => C:\Users\Vivien
WDAGUtilityAccount (S-1-5-21-28883196-2242087079-1024213347-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG5400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5400_series) (Version: 1.01 - Canon Inc.)
Canon MG5400 series On-screen Manual (HKLM-x32\...\Canon MG5400 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{85EC2DC7-901A-C7A8-69CC-D14B5311C057}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{155ABE97-ABF9-EE58-3270-334EF950F3A9}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{44167DA6-B26A-A06B-213E-A481135FCBF0}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{ED204021-2012-F4F3-E495-F4AFD74D66FF}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1D12B9AD-21F1-791A-6A85-47F27406282C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0101153A-CA07-4E2C-EF5E-D411604CF036}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{3BBAB5EA-62DA-2431-3A1F-3F89BBAE739D}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{975476BF-784B-0C34-09B3-AE6DC25C2B3C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{2F028509-06B7-9869-5FD6-1F367A0B5827}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{8A5107B8-9CC4-141F-141D-B1952B84A62A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BFDF75E6-EBBE-FD30-7DED-A80A072A0452}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{665B0E99-0560-6850-876C-259CC785D49A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{8191CEE4-C7AB-5A02-4587-9D12B6B443F2}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3D88B8D-BB11-D376-C3C6-EF7D0F8DD725}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{8831C53E-B6FA-3DE6-FB39-66BD5019F083}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CB203E05-4AAA-9076-7D8B-5D7CAD7F0D39}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{4166E94C-7758-3D0E-1518-05BF181FBA21}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E2D25167-8913-E00E-6755-270D9010DF62}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{4BE67694-29C6-6A69-85E4-D06EFCA12846}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7B1A228A-7D97-3209-B386-AA878D3555C5}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{54603A0D-55EB-44D8-0D79-4B7CB94AD6B7}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
CrystalDiskInfo 7.6.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lexware buchhalter 2016 (HKLM-x32\...\{CED64670-2AD5-4CBB-9A70-E5666B5E24F4}) (Version: 21.51.00.0377 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Einnahmen-Überschuss-Rechner 2016 (HKLM-x32\...\{4858827e-c6d3-4ad4-baa4-2f506d38fc84}) (Version: 21.51.0.280 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM-x32\...\{634C2093-AA35-4600-BA2D-41F8912E87E9}) (Version: 16.05.00.0033 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2016 (HKLM-x32\...\{c9c745c2-74e4-454e-91e0-ca041e6ed42c}) (Version: 16.5.0.33 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM-x32\...\{1C3F4B46-9004-4830-BD7D-1137A615FBF0}) (Version: 16.00.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (HKLM-x32\...\{6FF55A3A-4E59-4CF8-9248-2EE747168B3E}) (Version: 5.01.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM-x32\...\{2A594C9D-3011-4628-A524-1D5B7181C0A9}) (Version: 24.01.00.0124 - Haufe-Lexware GmbH & Co.KG)
Lexware PDF-Export 5 (HKLM-x32\...\{15D2ACF2-082D-4478-A011-B86C030B5A53}) (Version: 5.00.01.0009 - Haufe-Lexware GmbH & Co.KG) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8431.2250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.2.6656 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7811 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
TAXMAN 2016 (HKLM-x32\...\{E4F52EC2-63AA-402B-A849-F3771F9CE142}) (Version: 21.39.109 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2017 (HKLM-x32\...\{BBF23ABC-E31E-4DAA-B2AA-8B660C5A6D45}) (Version: 22.34.85 - Haufe-Lexware GmbH & Co.KG)
TAXMAN 2018 (HKLM-x32\...\{1BE1DA7D-D463-4661-A814-27CB10CD8EAF}) (Version: 23.29.44 - Haufe-Lexware GmbH & Co.KG)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Keine Datei
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Keine Datei
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-07-20] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00425953-3BC7-4074-86F1-D46551E0A92C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] ()
Task: {122C59DE-50A2-440B-9942-6DDB5B5A758F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {26F474DA-85C3-4F19-BCD8-97756C57A37B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-30] (Microsoft Corporation)
Task: {341D5363-88D2-41F9-A11F-6C23EAEF4A5F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-16] (Microsoft Corporation)
Task: {3B30C53C-C65F-4F29-BD7C-F0F618963922} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-30] (Microsoft Corporation)
Task: {5B861891-FB8B-4867-9F82-AFE6C87A9848} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-05-16] (Microsoft Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6F871B01-D809-477A-BFCE-3252059FFA7A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-21] ()
Task: {987157C4-8A92-415A-9291-F0E39C487B72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A54D3B15-5D5C-4AA2-B1E4-8E1645BE4E9D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe [2018-05-08] (Adobe Systems Incorporated)
Task: {A91641FC-88BF-49BB-8218-E80B0B03FC6A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-07-20] (Advanced Micro Devices, Inc.)
Task: {BE48A5D5-A6B4-4442-BF6B-2A05E1F2A0F8} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {C6A5C68E-F457-4493-9C79-27B36816777B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-30] (Microsoft Corporation)
Task: {DC403C58-8CF3-411E-8C54-7281DF7BECEF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-16] (Microsoft Corporation)
Task: {EA7CBE47-10A2-4019-81FF-2E70AB578E15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MpCmdRun.exe [2018-04-30] (Microsoft Corporation)
Task: {EE22281A-FF16-410B-85FB-BD296E1352F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-27] (Microsoft Corporation)
Task: {FD086A65-AD9C-4A3B-B0A8-24769C45A1C9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-27] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:35 - 2018-04-12 18:18 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-22 21:36 - 2018-05-22 21:36 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-22 21:36 - 2018-05-22 21:36 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-22 21:36 - 2018-05-22 21:36 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-22 21:36 - 2018-05-22 21:36 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-05-22 21:36 - 2018-05-22 21:36 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-03-28 16:34 - 2018-03-28 16:34 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
2015-07-07 10:38 - 2015-07-07 10:38 - 000176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2015-07-07 10:38 - 2015-07-07 10:38 - 000043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-28883196-2242087079-1024213347-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Menden\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-28883196-2242087079-1024213347-1001\...\StartupApproved\Run: => "AusweisApp2"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A65BBCC2-CFD4-48FC-8CC6-9777295E8A0B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{4F044593-64D9-4420-A9AB-52EB4FB79C88}C:\users\menden\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\menden\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{111364C2-CE79-4866-9161-2531E6A12155}C:\users\menden\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\menden\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A6B4ADDF-4E3B-482A-8B53-AB63B2AC0A6D}] => (Allow) H:\fsetup.exe
FirewallRules: [{5E4532CD-C58F-4934-ABBE-69846D8093C8}] => (Allow) H:\fsetup.exe
FirewallRules: [{CC150C51-A92C-46F1-9870-55254583485A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8A09874A-26D6-4950-9B59-D81C861DD6C1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31AE2E8A-7DFE-4F09-8891-7FABB64EA57B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C3FDB8A0-1C97-49D8-B904-87BB0B489F72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2053B2A-13E2-42CC-B851-2AE9A44180A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{46BF886C-FA03-477C-8038-FFBE88854C4E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{CB032EDB-5E30-47DF-8056-F0388828847C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{5D67F158-6525-45A1-AC7E-107795C76EC5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{0EFB93A3-A94F-4297-BCD0-D895305EDAE7}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{0FCCA114-0771-4DBC-B4FA-1B0B757C86D4}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{F3C43473-249A-4E72-8C81-484847F0463E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
FirewallRules: [{93C84174-F9F4-43E5-A450-36069BB1C14A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DBCBA093-84C2-4111-98B6-F89F4778A5B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03726949-E3C8-4800-A9B5-321430EE9031}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{6E7CDD3F-BC7B-4637-A3DD-667099ADEA91}C:\users\menden\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\menden\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A9589309-D144-431B-BB75-9700DCCD97C8}C:\users\menden\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\menden\appdata\roaming\spotify\spotify.exe
FirewallRules: [{71A1BAE6-9806-4F1E-ABF0-154E2F863C06}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{9F92EB7F-D222-4149-BEB5-67E102A364E0}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{445CDCBA-2666-49CA-ADBE-59918EE114F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D8073878-6CE6-46AC-8638-1A2EC523839A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7BF6A8A8-7BF6-4374-B984-4A667E3443E9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A6F6A8E5-8616-4B3D-A760-03E6758B13CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe

==================== Wiederherstellungspunkte =========================

17-05-2018 19:46:21 Windows Update
27-05-2018 07:26:10 Geplanter Prüfpunkt
28-05-2018 07:37:40 Revo Uninstaller's restore point - AusweisApp2
28-05-2018 07:37:52 AusweisApp2 wird entfernt
28-05-2018 07:38:32 Revo Uninstaller's restore point - ESET Security
28-05-2018 07:39:48 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 2.2.1.1043
28-05-2018 07:40:34 Revo Uninstaller's restore point - Lexware Einnahmen-Überschuss-Rechner 2016

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PnP-Monitor (Standard)
Description: PnP-Monitor (Standard)
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardmonitortypen)
Service: monitor
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/28/2018 07:42:50 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (05/28/2018 07:42:21 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (05/28/2018 07:40:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RadeonSettings.exe, Version: 10.1.1.1680, Zeitstempel: 0x597135e8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x2360
Startzeit der fehlerhaften Anwendung: 0x01d3f645b8e13daa
Pfad der fehlerhaften Anwendung: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 3b5b6c98-88b6-458f-9805-57e34cb969d4
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/28/2018 07:37:40 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {73b4f129-70d5-47f6-8f14-b0a3f4efa371}

Error: (05/28/2018 07:35:29 AM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (05/27/2018 08:32:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.17134.48 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a6c

Startzeit: 01d3f5843a3facaa

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: 44ab5148-0721-4b7d-8ca7-9fec98221e80

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (05/27/2018 08:30:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SearchUI.exe, Version 10.0.17134.48 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2aec

Startzeit: 01d3f580503a82b3

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Berichts-ID: eeb66212-e71f-4580-a9af-872b083e799c

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: CortanaUI

Error: (05/27/2018 06:48:39 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-MLFPDC3)
Description: httphttp-2147467263


Systemfehler:
=============
Error: (05/28/2018 07:42:51 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:42:51 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:37:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscBrokerManager
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:37:31 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID 
Windows.SecurityCenter.WscDataProtection
 und der APPID 
Nicht verfügbar
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:36:18 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-MLFPDC3)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "DESKTOP-MLFPDC3\Menden" (SID: S-1-5-21-28883196-2242087079-1024213347-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 und der APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 im Anwendungscontainer "Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:35:40 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:35:40 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2018 07:35:28 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎27.‎05.‎2018 um 21:56:51 unerwartet heruntergefahren.


Windows Defender:
===================================
Date: 2018-05-26 11:41:56.337
Description: 
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {6A61E8A0-2A59-49B0-AB06-E00B27A9B593}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2018-05-17 21:52:12.737
Description: 
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {8BD422F1-17DA-4879-B6C6-953763D57DB8}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2018-05-17 20:17:42.932
Description: 
Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {69BC2E44-FF84-455A-A57E-E8D21F4162C6}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2018-05-27 10:32:43.259
Description: 
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

Date: 2018-05-27 07:51:10.275
Description: 
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

Date: 2018-05-27 07:26:10.354
Description: 
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

Date: 2018-05-22 21:53:25.042
Description: 
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

Date: 2018-05-22 21:36:20.306
Description: 
Fehler des Windows Defender Antivirus-Echtzeitschutz-Features.
Feature: Bei Zugriff
Fehlercode: 0x80004005
Fehlerbeschreibung: Unbekannter Fehler 
Ursache: Die Elementenüberprüfung des Filtertreibers wurde übersprungen, und er befindet sich nun im Durchleitungsmodus. Dies ist möglicherweise auf Ressourcenmangel zurückzuführen.

CodeIntegrity:
===================================

Date: 2018-05-26 12:36:25.283
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod724A.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-26 12:36:25.128
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod724A.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-26 12:36:25.009
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod724A.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-26 12:36:24.383
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod3FEA.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-26 12:36:24.220
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod3FEA.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-05-26 12:36:24.096
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\ESET\ESET Security\Updfiles\base_nonnups\nod3FEA.dll.nup.raw because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 8130.94 MB
Verfügbarer physikalischer RAM: 6322.59 MB
Summe virtueller Speicher: 9410.94 MB
Verfügbarer virtueller Speicher: 7573.18 MB

==================== Laufwerke ================================

Drive c: (System 240GB) (Fixed) (Total:222.62 GB) (Free:132.48 GB) NTFS
Drive d: (eigene Dateien) (Fixed) (Total:931.39 GB) (Free:912.6 GB) NTFS

\\?\Volume{4cd27692-0000-0000-0000-100000000000}\ (System-reserviert) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{4cd27692-0000-0000-0000-20c737000000}\ () (Fixed) (Total:0.46 GB) (Free:0.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 4CD27692)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=222.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=468 MB) - (Type=27)

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================


Alt 28.05.2018, 09:59   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Wo Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) Lösung!


Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)

Alt 28.05.2018, 10:05   #7
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


Code:
ATTFilter
11:01:56.0583 0x067c  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
11:02:14.0363 0x067c  ============================================================
11:02:14.0363 0x067c  Current date / time: 2018/05/28 11:02:14.0363
11:02:14.0363 0x067c  SystemInfo:
11:02:14.0363 0x067c  
11:02:14.0363 0x067c  OS Version: 10.0.17134 ServicePack: 0.0
11:02:14.0363 0x067c  Product type: Workstation
11:02:14.0363 0x067c  ComputerName: DESKTOP-MLFPDC3
11:02:14.0363 0x067c  UserName: Menden
11:02:14.0363 0x067c  Windows directory: C:\WINDOWS
11:02:14.0363 0x067c  System windows directory: C:\WINDOWS
11:02:14.0363 0x067c  Running under WOW64
11:02:14.0363 0x067c  Processor architecture: Intel x64
11:02:14.0363 0x067c  Number of processors: 8
11:02:14.0363 0x067c  Page size: 0x1000
11:02:14.0363 0x067c  Boot type: Normal boot
11:02:14.0363 0x067c  CodeIntegrityOptions = 0x00000001
11:02:14.0363 0x067c  ============================================================
11:02:14.0398 0x067c  KLMD registered as C:\WINDOWS\system32\drivers\43555505.sys
11:02:14.0398 0x067c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
11:02:14.0441 0x067c  System UUID: {7686BB56-CE95-A59E-968A-713B3B2A4204}
11:02:14.0580 0x067c  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:02:14.0602 0x067c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:02:14.0613 0x067c  ============================================================
11:02:14.0613 0x067c  \Device\Harddisk0\DR0:
11:02:14.0613 0x067c  MBR partitions:
11:02:14.0613 0x067c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
11:02:14.0613 0x067c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1BD3E2AE
11:02:14.0613 0x067c  \Device\Harddisk1\DR1:
11:02:14.0613 0x067c  GPT partitions:
11:02:14.0613 0x067c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4973300B-2041-4BA1-9E5C-9C818C180F26}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:02:14.0613 0x067c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {435A0516-B6E8-4AAE-A772-2306FAD545A3}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
11:02:14.0613 0x067c  MBR partitions:
11:02:14.0613 0x067c  ============================================================
11:02:14.0615 0x067c  C: <-> \Device\Harddisk0\DR0\Partition2
11:02:14.0641 0x067c  D: <-> \Device\Harddisk1\DR1\Partition2
11:02:14.0641 0x067c  ============================================================
11:02:14.0641 0x067c  Initialize success
11:02:14.0641 0x067c  ============================================================
11:02:57.0849 0x33ac  ============================================================
11:02:57.0849 0x33ac  Scan started
11:02:57.0849 0x33ac  Mode: Manual; SigCheck; TDLFS; 
11:02:57.0849 0x33ac  ============================================================
11:02:57.0849 0x33ac  KSN ping started
11:02:57.0944 0x33ac  KSN ping finished: true
11:02:58.0320 0x33ac  ================ Scan system memory ========================
11:02:58.0321 0x33ac  System memory - ok
11:02:58.0321 0x33ac  ================ Scan services =============================
11:02:58.0348 0x33ac  [ 4B45A2D37CCE3CC0F161B7C7286081A6, DF4EBAA12E083AE45411AABD3EDE916E2CC6963FBA664861AC9B2351B5E042DC ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
11:02:58.0392 0x33ac  1394ohci - ok
11:02:58.0401 0x33ac  [ F5E5BA493B7C497F1F769942E2EA4CE2, 4AD54DA24142BCE49FB64CFF2CB28764FAA93827E7DB02925090B68F8C73B1FB ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
11:02:58.0411 0x33ac  3ware - ok
11:02:58.0424 0x33ac  [ CA51BB1B81F97E896E116C839B92D9D8, 09F73D8FB93EA524D3C9A9C264F62340560DC7042589597A318626A0A198F91F ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
11:02:58.0443 0x33ac  ACPI - ok
11:02:58.0446 0x33ac  [ 75795E4B19BB3ED8D3C25A17CD15DC30, 22A13064E0B472A0A2258D61A889B73EE3F537DA7796CCE39DF973AFA8FA1567 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
11:02:58.0459 0x33ac  AcpiDev - ok
11:02:58.0464 0x33ac  [ DDA0FC1400A24988A7D3E746AEDF2C0F, 3A703A204FDE46C67017C274CA1F50F591D909EE182A82697E89442D4A5569CE ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
11:02:58.0473 0x33ac  acpiex - ok
11:02:58.0476 0x33ac  [ 1F2EC25DA23D1DF3ADA12FE5A26D321C, B165D72949E43F04312C95BF0FF5C25CFE5CA0CDF43415E01AB2B1550D06C737 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
11:02:58.0488 0x33ac  acpipagr - ok
11:02:58.0491 0x33ac  [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
11:02:58.0503 0x33ac  AcpiPmi - ok
11:02:58.0506 0x33ac  [ 0FC8673FAFC7D78C1CDC000F892CAC64, 33FB109ABD18FBF4DA5047BAA9FAF63E88D5BA1826442DB02F9130DAD11D15F2 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
11:02:58.0514 0x33ac  acpitime - ok
11:02:58.0519 0x33ac  [ CA805DA983594B01F3554464B2E5158F, AC311C5D59AA1FA2B1B3CDB9CCEABEC85878BF6CA6106253186909AA9EB3C1BA ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:02:58.0527 0x33ac  AdobeARMservice - ok
11:02:58.0542 0x33ac  [ E53B27BE2E80B2B64311036CDBB632F6, C1BEF41A1198587FB65FF88383DB4E7629C33060DB18AEB1FC74ED616934AA41 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:02:58.0552 0x33ac  AdobeFlashPlayerUpdateSvc - ok
11:02:58.0573 0x33ac  [ A3D4CF2F3A433BE18CD4AD3E6665DC63, 9D62A7E2DDA15B2E75490CCB9C8E10A41030F496A93631EDED5F1003DF368290 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
11:02:58.0600 0x33ac  ADP80XX - ok
11:02:58.0616 0x33ac  [ 4DCCC3E02A22ED4A4ADB11386F226071, 40BB183049DE3ADCC7A5B1B269620C8534291BB7A956157434C857DE249559EE ] AFD             C:\WINDOWS\system32\drivers\afd.sys
11:02:58.0634 0x33ac  AFD - ok
11:02:58.0638 0x33ac  [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix          C:\WINDOWS\system32\drivers\afunix.sys
11:02:58.0658 0x33ac  afunix - ok
11:02:58.0664 0x33ac  [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:02:58.0685 0x33ac  ahcache - ok
11:02:58.0689 0x33ac  [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
11:02:58.0703 0x33ac  AJRouter - ok
11:02:58.0708 0x33ac  [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG             C:\WINDOWS\System32\alg.exe
11:02:58.0724 0x33ac  ALG - ok
11:02:58.0731 0x33ac  [ 87BA1BF9ECF65020791E452EEFAA2A43, 7AEB29EFC682A484745CC82327F3E09E3C4B205E44B0C0FDE07A8A055D28866B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
11:02:58.0745 0x33ac  AMD External Events Utility - ok
11:02:58.0751 0x33ac  [ 6DF48AD26E6285FB137F11328B64A376, 76FF9A753C262065E819E862E7950127472C5E6AB7E97B57977C6DCE6180760A ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
11:02:58.0769 0x33ac  AmdK8 - ok
11:02:58.0773 0x33ac  [ 275B6F698CBEC36C42D3ABD7EE049BA1, C6CE3514947F67410B34E8973C87996A14FF485A2E5C7E5BA4FE276FB893D51C ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
11:02:58.0787 0x33ac  amdkmafd - ok
11:02:58.0789 0x33ac  amdkmdag - ok
11:02:58.0803 0x33ac  [ E59CA16EC504092D44E80EDB96B9E5D4, E140B557E2FBC444940A71C5A6D269404C56C822E21EE5FE946D9C01AEBA49B4 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
11:02:58.0821 0x33ac  amdkmdap - ok
11:02:58.0828 0x33ac  [ D8804032BCDE4077A6D8D431D12AC6CC, F017A3FEAB2919A9662A9BFEF31AE7B7EC19F1136C9D0DC6C48A415B540A8062 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
11:02:58.0841 0x33ac  AmdPPM - ok
11:02:58.0846 0x33ac  [ A88F5E24B65228FB25F2051B3408A0E4, C124B486839EA15D6806EB51E91EBF99401CD7D226541320A7A4934A8477DCEF ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
11:02:58.0854 0x33ac  amdsata - ok
11:02:58.0860 0x33ac  [ AECD39E51DABC2BF045B2857F02FA2BD, 83E2AC3200B6EA1586E4E0204D81CEAF303D7C9EBE7E5D1273A41A4EC1390E56 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
11:02:58.0871 0x33ac  amdsbs - ok
11:02:58.0875 0x33ac  [ B4CC9943230CAEB05B46CC30C220E141, 013716E6911136EB0916A1D592198DD7953800549DA0C885093D2BA3CC9BA2A7 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
11:02:58.0882 0x33ac  amdxata - ok
11:02:58.0888 0x33ac  [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID           C:\WINDOWS\system32\drivers\appid.sys
11:02:58.0898 0x33ac  AppID - ok
11:02:58.0901 0x33ac  [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
11:02:58.0914 0x33ac  AppIDSvc - ok
11:02:58.0919 0x33ac  [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo         C:\WINDOWS\System32\appinfo.dll
11:02:58.0942 0x33ac  Appinfo - ok
11:02:58.0948 0x33ac  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:02:58.0954 0x33ac  Apple Mobile Device Service - ok
11:02:58.0957 0x33ac  [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
11:02:58.0967 0x33ac  applockerfltr - ok
11:02:58.0980 0x33ac  [ 922BBB78C86D1E3B34599E6513BAD2F3, 30904E54F0CE28273EC6EFE91B6237F656A158D7B976FB3322E3A25692528747 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
11:02:59.0016 0x33ac  AppReadiness - ok
11:02:59.0066 0x33ac  [ BAE38E49755CFF157B4EA06988465E10, 792E0D4E443DB997B4EDADF90F460FDB85D6AE762B83CB28873B0D65A8F2D388 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
11:02:59.0156 0x33ac  AppXSvc - ok
11:02:59.0164 0x33ac  [ 013E057DF3D13A4462AD912D7732E7E0, 7C89AD5799091D17EAED682058559DBAE882D0E18C347B5AECE7BCCFD0E2D21C ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
11:02:59.0173 0x33ac  arcsas - ok
11:02:59.0176 0x33ac  [ B25ACCD9BE5F5798E9DD8FFB04D7BE4C, 87577AD2E4A47518B8101C67F1025CB3CD2ABBA678774A5926192FCD56EF1350 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
11:02:59.0193 0x33ac  AsyncMac - ok
11:02:59.0196 0x33ac  [ 90AB4ED8EBD72A1C096A40CC35404B91, C343466D439552D154BBD1A5F9D391CDD3FA298A712594EA27C3049E3516D1AF ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
11:02:59.0203 0x33ac  atapi - ok
11:02:59.0208 0x33ac  [ 36DACA17F266DF9DD2B1F8894309D87F, 18D6C60BC8AC1F2758CC3854368D4C606605D5077C6F9D5F8A0AC3F91CF54D26 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
11:02:59.0217 0x33ac  AtiHDAudioService - ok
11:02:59.0230 0x33ac  [ 7B62AFBD877C2FC64E639A60B73D82B7, 4EA0B5E4BC11C03D1FBDA98B6F4CE844A127B7BFDB5D237A01F8B0EB4844E9B9 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
11:02:59.0259 0x33ac  AudioEndpointBuilder - ok
11:02:59.0287 0x33ac  [ D4DDEBD1EF825B0C2FE1A11BAFBE55E3, 2B5533E1A14821D37483FB85294A9227134E7FBF9E2E7E0B32D3EF9C6AF83CE6 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
11:02:59.0337 0x33ac  Audiosrv - ok
11:02:59.0343 0x33ac  [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
11:02:59.0355 0x33ac  AxInstSV - ok
11:02:59.0366 0x33ac  [ F10E4C9444A9FC6DCBAB2C42F6999FA1, 4238B6DD49CBADFE2C737AC1B211AE045F458DDF1693EE54608455C1ECE1BCCA ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
11:02:59.0383 0x33ac  b06bdrv - ok
11:02:59.0387 0x33ac  [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam             C:\WINDOWS\system32\drivers\bam.sys
11:02:59.0394 0x33ac  bam - ok
11:02:59.0398 0x33ac  [ FA4973E379E872C61D0CF4E39F807833, 3320FAB0CF16BB1ABBBA222CC31D20B5AC7A4259DE4323B109A8F2FECC28C8A4 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
11:02:59.0411 0x33ac  BasicDisplay - ok
11:02:59.0415 0x33ac  [ F024B80EA0076A318598DAB795F9C3D0, 6225A5FCD2B750A0E4FFFCCB1CDF49BAA7809A4B4AD7AB625A585CF4971CDE25 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
11:02:59.0424 0x33ac  BasicRender - ok
11:02:59.0448 0x33ac  [ 15971E9AE43AA92C6A527622F36C41A0, DD3F0B5F6231A0C32AE7135ECB5ACABD495801C0D5673D76821EA06112ED83F5 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
11:02:59.0492 0x33ac  BcastDVRUserService - ok
11:02:59.0499 0x33ac  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
11:02:59.0507 0x33ac  bcmfn2 - ok
11:02:59.0517 0x33ac  [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
11:02:59.0539 0x33ac  BDESVC - ok
11:02:59.0542 0x33ac  [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:02:59.0563 0x33ac  Beep - ok
11:02:59.0578 0x33ac  [ 8152A6374BB6DAF39C3215903A76F6CF, D991CBA589DB2482F2183EAF4BADD6C92183AF6A6EC48FD97F249AC1C1CC4D38 ] BFE             C:\WINDOWS\System32\bfe.dll
11:02:59.0606 0x33ac  BFE - ok
11:02:59.0611 0x33ac  [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt         C:\WINDOWS\system32\drivers\bindflt.sys
11:02:59.0619 0x33ac  bindflt - ok
11:02:59.0642 0x33ac  [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS            C:\WINDOWS\System32\qmgr.dll
11:02:59.0688 0x33ac  BITS - ok
11:02:59.0700 0x33ac  [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
11:02:59.0721 0x33ac  BluetoothUserService - ok
11:02:59.0733 0x33ac  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:02:59.0744 0x33ac  Bonjour Service - ok
11:02:59.0749 0x33ac  [ 00C33AC3096BB64BACD5554A55025F8F, E13669966AA69A9C18E8932491F722F595666163DA2C6695C8F415AD55836B53 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
11:02:59.0762 0x33ac  bowser - ok
11:02:59.0778 0x33ac  [ 53C4AF4DA254AED8D3EEBA4A319960FA, 707D27136D96044C2C964F34731D43CF94C583059414CFD9033276F999D4BEC0 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:02:59.0808 0x33ac  BrokerInfrastructure - ok
11:02:59.0820 0x33ac  [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService     C:\WINDOWS\System32\BTAGService.dll
11:02:59.0842 0x33ac  BTAGService - ok
11:02:59.0849 0x33ac  [ 2B5EB1BB42AEE7A77B1E9C794DFCEF3D, E94040AAE365CFCAEEC75F38EBDDB2C7F13B41F41D96C33FE3F25078BA21DA13 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
11:02:59.0863 0x33ac  BthA2DP - ok
11:02:59.0872 0x33ac  [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc     C:\WINDOWS\System32\BthAvctpSvc.dll
11:02:59.0892 0x33ac  BthAvctpSvc - ok
11:02:59.0897 0x33ac  [ E0121734C2492406034FA23E3D394EBD, E855EB12DD35CC47F68C5C6B1622560599C7074E274E510528196D47BDA56960 ] BthEnum         C:\WINDOWS\system32\DRIVERS\BthEnum.sys
11:02:59.0909 0x33ac  BthEnum - ok
11:02:59.0913 0x33ac  [ F56B351A4E2B384911B2BA2A98261F34, A8140A2ABEC704A11776D29894ADD5D1FA9C125567EB6B270694573DB9B0E30E ] BthHFAud        C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
11:02:59.0924 0x33ac  BthHFAud - ok
11:02:59.0930 0x33ac  [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
11:02:59.0942 0x33ac  BthHFEnum - ok
11:02:59.0947 0x33ac  [ 8EE632BFE4BABD4E7A299AF54476F9A5, 836675F295A033C0239DCF86D90985443A60D5A1F38B668CA82A30BDFD983352 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
11:02:59.0961 0x33ac  BthLEEnum - ok
11:02:59.0965 0x33ac  [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
11:02:59.0979 0x33ac  BTHMODEM - ok
11:02:59.0984 0x33ac  [ B10E0CC936462BBA7BC659C0927617A0, B4F2A318384D176D0ACF26372756CE097F34EED59FBB023E7DB8F95D8F73F69A ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
11:02:59.0996 0x33ac  BthPan - ok
11:03:00.0015 0x33ac  [ EF105DBEB81F14EBDBA5F7977AD8FA91, A4D20038B72361CD95446854F2E538314C4C8B5EA4618AC7B18A43D8AF777A34 ] BTHPORT         C:\WINDOWS\system32\DRIVERS\BTHport.sys
11:03:00.0048 0x33ac  BTHPORT - ok
11:03:00.0055 0x33ac  [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv         C:\WINDOWS\system32\bthserv.dll
11:03:00.0070 0x33ac  bthserv - ok
11:03:00.0073 0x33ac  [ 0D5ECDF2601312025811F6AC413F851A, B7E99CF02C6B511BD643E7F8BB59E983D8B65073D9B55ED44457EDC2BBBBC419 ] BTHUSB          C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
11:03:00.0085 0x33ac  BTHUSB - ok
11:03:00.0088 0x33ac  [ E3786BEBB7E4003DE324A18069DDA081, 4DDA70CCB011D74811BA51686E6ED9A404EBE549AE6B3CE0DDBCB83D09E8AABA ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
11:03:00.0095 0x33ac  bttflt - ok
11:03:00.0099 0x33ac  [ 03C13BB635635B9152DBF49AA07B728C, F6141576EB54EFE5E329762EC548C7D256EFB57C42A46BB3426B779413F0C975 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
11:03:00.0108 0x33ac  buttonconverter - ok
11:03:00.0112 0x33ac  [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
11:03:00.0120 0x33ac  CAD - ok
11:03:00.0127 0x33ac  [ 91EACB2FCD384C2D71EAF2BAB3FAA5C5, A3BB724570A9E882E8E6AF8CF29BC03DB77B3D31B87DDF6187C101E1B9C2617F ] camsvc          C:\WINDOWS\system32\CapabilityAccessManager.dll
11:03:00.0143 0x33ac  camsvc - ok
11:03:00.0148 0x33ac  [ 407B33DE151A3DFCF564AC4270E44B1D, 8B1419FEDDCEF9F9F239B4C1A629F4F2748FC09CF3E38CA01D8D6D1D32252346 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
11:03:00.0162 0x33ac  CapImg - ok
11:03:00.0166 0x33ac  [ D3CBC6DE5955D014407C7BD1FFE80F00, 9D185AED383FCBF16EE63192452DE888D8485D7BD9C0257BF92A68C42120A1B8 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:03:00.0187 0x33ac  cdfs - ok
11:03:00.0200 0x33ac  [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
11:03:00.0224 0x33ac  CDPSvc - ok
11:03:00.0235 0x33ac  [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
11:03:00.0256 0x33ac  CDPUserSvc - ok
11:03:00.0263 0x33ac  [ AD4D24434C058AFAFD5AB319B4BF5B66, 362470CF93CC1A7B37AFFF8F41C5E0089EDCE16553DC9EC131E7202B52A745A2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
11:03:00.0274 0x33ac  cdrom - ok
11:03:00.0280 0x33ac  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
11:03:00.0295 0x33ac  CertPropSvc - ok
11:03:00.0303 0x33ac  [ 4A08B239F92B319AD31E3916D27AD4B9, 948772689F14090E9E096CF7423CE5D994E3F9964775AD5B2F78C37A987EE980 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
11:03:00.0315 0x33ac  cht4iscsi - ok
11:03:00.0344 0x33ac  [ C8EA9376E4D284F9DF24B27AC6E3AB85, DAD3B00A37797E7C80E0C359BA735B65BBBE5DC25480910737D86D2711A6FF8C ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
11:03:00.0382 0x33ac  cht4vbd - ok
11:03:00.0387 0x33ac  [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
11:03:00.0397 0x33ac  circlass - ok
11:03:00.0406 0x33ac  [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
11:03:00.0425 0x33ac  CldFlt - ok
11:03:00.0435 0x33ac  [ DB26170CF6555B9AFF76CFA067ABCF90, A066E89267783A5E54A36D1CF193916218BE2E1D177F0ACA82E2B86211629806 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
11:03:00.0448 0x33ac  CLFS - ok
11:03:00.0556 0x33ac  [ AEA85358F32473F27F8DF052FDA17C7B, 215845D3E34C6CEB360126F06B21440F60B27F929C0D08AC0D747857CD5D8D92 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
11:03:00.0683 0x33ac  ClickToRunSvc - ok
11:03:00.0708 0x33ac  [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
11:03:00.0733 0x33ac  ClipSVC - ok
11:03:00.0739 0x33ac  [ 66CBF6F8FE6F436B315D7FEAF5D2BB40, 0F6AE6412EF73C74EF0EB1866E8CD85AACE4373D5C24F3D0121F5A7420E5A03B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
11:03:00.0748 0x33ac  CmBatt - ok
11:03:00.0762 0x33ac  [ 05E7964417FAA5A1F128CDC00D0AC570, 1617C15C27FF0E160F9FED43B39926D4729419F28C2F9152C73DBC2E33140217 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
11:03:00.0782 0x33ac  CNG - ok
11:03:00.0786 0x33ac  [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
11:03:00.0793 0x33ac  cnghwassist - ok
11:03:00.0803 0x33ac  [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
11:03:00.0811 0x33ac  CompositeBus - ok
11:03:00.0814 0x33ac  COMSysApp - ok
11:03:00.0817 0x33ac  [ 3799A9DFB162D9AAD6AC12CB8185FD19, 942F2777049166EC43F93177F0084EA08B06CE9107AF55337124FE25CCB158C4 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
11:03:00.0825 0x33ac  condrv - ok
11:03:00.0842 0x33ac  [ 9D1E4820F8EE2DD5B9720C8DC62F4C4F, 82BC0228B88A745C628A6B1625FF597426CAAB791E629D00FA780A2B4DAE7175 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
11:03:00.0864 0x33ac  CoreMessagingRegistrar - ok
11:03:00.0873 0x33ac  [ 6C6073B45D65887A6035F1A8D073274A, F002B25E05D0894CD12BA3D046E11D4AD6F0BCE8796618B0EE54851223A65C15 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:03:00.0896 0x33ac  CryptSvc - ok
11:03:00.0900 0x33ac  [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam             C:\WINDOWS\system32\drivers\dam.sys
11:03:00.0908 0x33ac  dam - ok
11:03:00.0930 0x33ac  [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:03:00.0971 0x33ac  DcomLaunch - ok
11:03:00.0983 0x33ac  [ 7ECF8E55CAF04A8F7F7498C55A6EDAC5, F6E033A10338AD8746E1538B12B1B470E8F97210E4564893568D0C7EB165D794 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
11:03:01.0005 0x33ac  defragsvc - ok
11:03:01.0016 0x33ac  [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:03:01.0036 0x33ac  DeviceAssociationService - ok
11:03:01.0041 0x33ac  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
11:03:01.0058 0x33ac  DeviceInstall - ok
11:03:01.0067 0x33ac  [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
11:03:01.0093 0x33ac  DevicePickerUserSvc - ok
11:03:01.0109 0x33ac  [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
11:03:01.0142 0x33ac  DevicesFlowUserSvc - ok
11:03:01.0147 0x33ac  [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
11:03:01.0159 0x33ac  DevQueryBroker - ok
11:03:01.0163 0x33ac  [ 9E74A900CCCA3EA6C8533CF94B3F8223, A585A0EBCC604981BB648B709903A263CECC5D589F65411C297D0D68864947AE ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
11:03:01.0178 0x33ac  Dfsc - ok
11:03:01.0183 0x33ac  [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:03:01.0191 0x33ac  dg_ssudbus - ok
11:03:01.0200 0x33ac  [ 51D1F76C6EC94B0773D276C91B06A781, DF3E512D1FFA1E7AA75D4CEDD5D5AB8DAA13BE5C8427B6A4F064FDCF455C9589 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:03:01.0220 0x33ac  Dhcp - ok
11:03:01.0224 0x33ac  [ FF05980EEE93D2B4AB1284BF21D7F12B, 026C8489CC9232605B87F02E3276B81DB23A6B64BB66C01F0FD6E7D266ECD17C ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
11:03:01.0238 0x33ac  diagnosticshub.standardcollector.service - ok
11:03:01.0245 0x33ac  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
11:03:01.0266 0x33ac  diagsvc - ok
11:03:01.0311 0x33ac  [ E74FCFD1499A4F816A99D35E297CCE63, 9C6D75200A8D0932CA77F68D78F11B89B0A45441ABB1662BE69567FE13138D19 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
11:03:01.0392 0x33ac  DiagTrack - ok
11:03:01.0399 0x33ac  [ A79FCB89805FA9EA9F48B671A4591D4E, 13CA8B9CB35DF9F8EFFF8E6ECC0F65E4F179FA9BEF4B68F3382CA4A6BF14FA54 ] Disk            C:\WINDOWS\system32\drivers\disk.sys
11:03:01.0407 0x33ac  Disk - ok
11:03:01.0422 0x33ac  [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
11:03:01.0452 0x33ac  DmEnrollmentSvc - ok
11:03:01.0456 0x33ac  [ F69D7A5D7EDEE16B85F08040836FB09C, 944730FA6CA6ED0ECA85848A2F00EE1E647F7DD4CC37E557A812ECE8A92B3999 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
11:03:01.0476 0x33ac  dmvsc - ok
11:03:01.0479 0x33ac  [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
11:03:01.0490 0x33ac  dmwappushservice - ok
11:03:01.0498 0x33ac  [ E65844BC31FE3687A745C2E48C845CBC, 826845A9FC00E4D68CDE5FA5C293DF6D41DB0E8D15B43647A1335F0A79AFD4D6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:03:01.0515 0x33ac  Dnscache - ok
11:03:01.0523 0x33ac  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:03:01.0544 0x33ac  dot3svc - ok
11:03:01.0550 0x33ac  [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS             C:\WINDOWS\system32\dps.dll
11:03:01.0562 0x33ac  DPS - ok
11:03:01.0565 0x33ac  [ AD1BEFBF96C0273925EDC9282557D984, E23B1B043E9EE25054DCEFB10C1C69009DCB1E12675DAE60B00A646735B03D99 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
11:03:01.0571 0x33ac  drmkaud - ok
11:03:01.0578 0x33ac  [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
11:03:01.0593 0x33ac  DsmSvc - ok
11:03:01.0598 0x33ac  [ A8923D6A577D176A90A36A9EC0BD4BCB, 5EC87DA3DF7F1869D9542416651606C7731F4D1BDEC42C8A0D5285292EC7EF7C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
11:03:01.0612 0x33ac  DsSvc - ok
11:03:01.0620 0x33ac  [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
11:03:01.0639 0x33ac  DusmSvc - ok
11:03:01.0680 0x33ac  [ 357D15FA5C15A44218770B40313E4856, EB5A8C01A9ABED5CE01DBDCCDC20716097351DB2E82684ED5F9488AC1072C249 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:03:01.0736 0x33ac  DXGKrnl - ok
11:03:01.0750 0x33ac  [ 83E4A14F851341C933C3235BFB882ECA, 152EDEF6B566D010FE519FE4B046050A5281069B48AFF8A2395D7D2BD0519701 ] e1iexpress      C:\WINDOWS\System32\drivers\e1i63x64.sys
11:03:01.0774 0x33ac  e1iexpress - ok
11:03:01.0779 0x33ac  [ 7E9A1608894297B133AF5EE18E404208, 9E2E4B4F6133375DB8E490337594BEFB86BA964223FB272A23ADD02FA8065253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
11:03:01.0796 0x33ac  Eaphost - ok
11:03:01.0846 0x33ac  [ 75CA88887850A74DDAAAF92500B6D9B9, 1C413719D0E659E20C66B0762B2FC708E55536961A1D9F21906ADBE9CF431489 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
11:03:01.0912 0x33ac  ebdrv - ok
11:03:01.0920 0x33ac  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] EFS             C:\WINDOWS\System32\lsass.exe
11:03:01.0928 0x33ac  EFS - ok
11:03:01.0932 0x33ac  [ 7E838D857FC55535710C316441459C38, C4673014D3ED3E68E02DB5BE6DB53E45B1E4A3CE2B04B15BFD507AF703A60134 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
11:03:01.0940 0x33ac  EhStorClass - ok
11:03:01.0944 0x33ac  [ 49023DD6F646B8C70AE1C105415F3E2B, 16EC2920A2CB71C17BFA7A0E22EDAE1C0E7004C986BEBCA9435F6FDB5D8E64CF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
11:03:01.0953 0x33ac  EhStorTcgDrv - ok
11:03:01.0958 0x33ac  [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
11:03:01.0972 0x33ac  embeddedmode - ok
11:03:01.0979 0x33ac  [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
11:03:01.0996 0x33ac  EntAppSvc - ok
11:03:01.0999 0x33ac  [ 1DF19D7A941CB06F8EADF89FA0BF59AD, 0A8891AD73AF277B764FA5CF163E6BC29DFFA0E35388A941AE27E001289C0A4A ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
11:03:02.0012 0x33ac  ErrDev - ok
11:03:02.0024 0x33ac  [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem     C:\WINDOWS\system32\es.dll
11:03:02.0045 0x33ac  EventSystem - ok
11:03:02.0053 0x33ac  [ B2858C386B99A68C3E3F0DFAB935C232, D278EA60AED4C3769B827BF2DEE584135FFDCF9E1380B982A7AEFB531848F4A2 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
11:03:02.0070 0x33ac  exfat - ok
11:03:02.0079 0x33ac  [ CE38CED74D85849BB2C9894DCA712615, 087B9EA66C06F8AA185F78E482DCA128B0554B716A1740033FC624414AA1B237 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
11:03:02.0092 0x33ac  fastfat - ok
11:03:02.0105 0x33ac  [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax             C:\WINDOWS\system32\fxssvc.exe
11:03:02.0132 0x33ac  Fax - ok
11:03:02.0136 0x33ac  [ 6701B9973DE98578A491721B4BDE0926, 48D07092E6B44CAA529559DF620BDAA4DFCC16430DBA8178B461E556AC526DE1 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
11:03:02.0149 0x33ac  fdc - ok
11:03:02.0152 0x33ac  [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
11:03:02.0172 0x33ac  fdPHost - ok
11:03:02.0175 0x33ac  [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
11:03:02.0187 0x33ac  FDResPub - ok
11:03:02.0192 0x33ac  [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
11:03:02.0204 0x33ac  fhsvc - ok
11:03:02.0208 0x33ac  [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
11:03:02.0221 0x33ac  FileCrypt - ok
11:03:02.0226 0x33ac  [ A0AF205465482EE0FC6261782629566B, E0C0E9EB327F4DEEDF3E32EB5573A74436829078331A8EA1B795438892EE81B8 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
11:03:02.0234 0x33ac  FileInfo - ok
11:03:02.0237 0x33ac  [ 01D83D284E6B37902DB3C4D4DB0649E0, 4376F872575013DE87CA8173FABAD367FFF907086864C106A4C82933EF9DA308 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
11:03:02.0248 0x33ac  Filetrace - ok
11:03:02.0250 0x33ac  [ CE9CB1DB00B5007ABFFF0717E748E919, 314E1FA6B0CD9416894EED93ADF3DCB273FF37F6E56EF64C9E7B55E174EB3226 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
11:03:02.0259 0x33ac  flpydisk - ok
11:03:02.0269 0x33ac  [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:03:02.0283 0x33ac  FltMgr - ok
11:03:02.0313 0x33ac  [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache       C:\WINDOWS\system32\FntCache.dll
11:03:02.0367 0x33ac  FontCache - ok
11:03:02.0381 0x33ac  [ 4B5B18BF7E060A7FC7B80D79D542529C, 483E4D96D2E44A135FAD3B9D1AFA05B571418B3BA9864BE751DDA1DAE9D02D77 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
11:03:02.0407 0x33ac  FrameServer - ok
11:03:02.0412 0x33ac  [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
11:03:02.0419 0x33ac  FsDepends - ok
11:03:02.0422 0x33ac  [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:03:02.0430 0x33ac  Fs_Rec - ok
11:03:02.0444 0x33ac  [ F00AA662A862BA1B5B0BB9FBDFAE2DFC, 1DBEA358E58370C1BD8D5797382FD22A19E92BA171AB70868359CF921F324CA7 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:03:02.0464 0x33ac  fvevol - ok
11:03:02.0468 0x33ac  [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
11:03:02.0480 0x33ac  gencounter - ok
11:03:02.0483 0x33ac  [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
11:03:02.0493 0x33ac  genericusbfn - ok
11:03:02.0498 0x33ac  [ 6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:03:02.0508 0x33ac  GPIOClx0101 - ok
11:03:02.0530 0x33ac  [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
11:03:02.0569 0x33ac  gpsvc - ok
11:03:02.0573 0x33ac  [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
11:03:02.0583 0x33ac  GpuEnergyDrv - ok
11:03:02.0587 0x33ac  [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
11:03:02.0600 0x33ac  GraphicsPerfSvc - ok
11:03:02.0604 0x33ac  [ DED74127C7A2266715C0B8EA2EE75214, 999507BECB4BAAC61317D98311962D446844CAC6271BFFE181F6CD6DFE221465 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
11:03:02.0614 0x33ac  HDAudBus - ok
11:03:02.0617 0x33ac  [ 95888B85956AF97320D1F5C354632957, C0218271A17897D4682192AB431658523EC87CB13551B2BDA40576BF766BB26C ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
11:03:02.0625 0x33ac  HidBatt - ok
11:03:02.0630 0x33ac  [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
11:03:02.0642 0x33ac  HidBth - ok
11:03:02.0646 0x33ac  [ 6D767FEB02DF712F783BEEFF09E06431, AB64C61E5729FB27BF9564CA8308D895CFFB992CE8606FDC31EFF01BB1FF8FFE ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
11:03:02.0657 0x33ac  hidi2c - ok
11:03:02.0661 0x33ac  [ 542AB7A14235C5227A9307ACF1636F0B, E54C4C4511727F4E70CB1C9259C56D4AC62E70BAB2F42E9AB402C1DF4AF3FA25 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
11:03:02.0668 0x33ac  hidinterrupt - ok
11:03:02.0672 0x33ac  [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
11:03:02.0682 0x33ac  HidIr - ok
11:03:02.0685 0x33ac  [ 3030F19C6A73367D6D5EEDD157F5D01A, B1F13C2AE334C8CDF15BD96B70E92A81487308D841196A29AE3D1164CDAF9AA2 ] hidserv         C:\WINDOWS\system32\hidserv.dll
11:03:02.0702 0x33ac  hidserv - ok
11:03:02.0705 0x33ac  [ 6E3FB2047B8AE72E1B5F1C00A5F3E475, A5F791BECA43925D410751C114BCF2FC4A46D7A44BE80B02CD3259C6E271FF31 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:03:02.0715 0x33ac  HidUsb - ok
11:03:02.0721 0x33ac  [ 621B1FFB2E4E4745484EA01B013BF1D2, 6F6761922EF931DB95D6597A5884DEB3CC127FB9D763A5A27369F7881DE64B8D ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
11:03:02.0729 0x33ac  HpSAMD - ok
11:03:02.0746 0x33ac  [ 100CE4CEB62568F1B7B45AD1D8BE53D9, 31543F6EC6E4A20721B748979AD41C7E3FBF633333DDC2AE3F2B5E333EE4237F ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
11:03:02.0771 0x33ac  HTTP - ok
11:03:02.0775 0x33ac  [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
11:03:02.0782 0x33ac  hvcrash - ok
11:03:02.0785 0x33ac  [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
11:03:02.0793 0x33ac  HvHost - ok
11:03:02.0797 0x33ac  [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
11:03:02.0805 0x33ac  hvservice - ok
11:03:02.0808 0x33ac  [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
11:03:02.0819 0x33ac  HwNClx0101 - ok
11:03:02.0822 0x33ac  [ FE36689912DEC37D45B7A6C6414046FE, 3AE4E52B4ECD50ABEF67DCD1E30E409908F53624D9854BDD472352E8B280F19D ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
11:03:02.0829 0x33ac  hwpolicy - ok
11:03:02.0831 0x33ac  [ A1133368F47D514D73DD7FB4C4FD2B75, 6019DABCAB9E2941D76EC62F4352FA76DDCD964671C490730BF725CA2234CA3D ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
11:03:02.0840 0x33ac  hyperkbd - ok
11:03:02.0842 0x33ac  [ B68252C53556FFB52CCE18FF30FACA99, 0463FB8661A9EF338EFBBE43EE76C63DE170510D0E9B612D62009D7D85669365 ] HyperVideo      C:\WINDOWS\System32\drivers\HyperVideo.sys
11:03:02.0855 0x33ac  HyperVideo - ok
11:03:02.0860 0x33ac  [ DA179667B8CEC22E4ECBBF4210DC0E35, 70CDB592E1775919B9AB1810A7BA18FE4851FBD493E4772741F36FC11A4CA47E ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
11:03:02.0872 0x33ac  i8042prt - ok
11:03:02.0877 0x33ac  [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
11:03:02.0890 0x33ac  iagpio - ok
11:03:02.0895 0x33ac  [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
11:03:02.0911 0x33ac  iai2c - ok
11:03:02.0915 0x33ac  [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
11:03:02.0925 0x33ac  iaLPSS2i_GPIO2 - ok
11:03:02.0930 0x33ac  [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
11:03:02.0940 0x33ac  iaLPSS2i_GPIO2_BXT_P - ok
11:03:02.0946 0x33ac  [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
11:03:02.0959 0x33ac  iaLPSS2i_I2C - ok
11:03:02.0965 0x33ac  [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
11:03:02.0977 0x33ac  iaLPSS2i_I2C_BXT_P - ok
11:03:02.0981 0x33ac  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
11:03:02.0989 0x33ac  iaLPSSi_GPIO - ok
11:03:02.0993 0x33ac  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
11:03:03.0005 0x33ac  iaLPSSi_I2C - ok
11:03:03.0021 0x33ac  [ 26405FA714257E449581DE5D6E6200E6, 1C3055AF6BB53308B7E6268A11929881263767619FF524674C51C03B7990C0A8 ] iaStorAVC       C:\WINDOWS\system32\drivers\iaStorAVC.sys
11:03:03.0044 0x33ac  iaStorAVC - ok
11:03:03.0054 0x33ac  [ 11AC0355FE52CC8813EE6864DE7531E4, 4D77C451C230395E03B3DB592B1BDCDB8B2142961906A25F0FD070D3A8B670EB ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
11:03:03.0068 0x33ac  iaStorV - ok
11:03:03.0080 0x33ac  [ 62CD9FA7394BCDF7784CCEFC9D00C9AA, 2A09A921EBD998EC45470675FC8D803EAE5F9E2E16B9313591987AA574835CFE ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
11:03:03.0096 0x33ac  ibbus - ok
11:03:03.0103 0x33ac  [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:03:03.0119 0x33ac  icssvc - ok
11:03:03.0136 0x33ac  [ 25793D173BD83ACF8B248C97ABC3B860, 0133EEB7C08E02F3C732FA89381920E5C4BB0CD2190E49C19619FAB43C68708A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
11:03:03.0168 0x33ac  IKEEXT - ok
11:03:03.0173 0x33ac  [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
11:03:03.0183 0x33ac  IndirectKmd - ok
11:03:03.0209 0x33ac  [ CC03A8D6443D1BB148A499366612683E, 1EF1A69B60CAB33F63C9A58B2DA0B0FCD8F21AA122F4CE8D953682C20A4BA585 ] InstallService  C:\WINDOWS\system32\InstallService.dll
11:03:03.0252 0x33ac  InstallService - ok
11:03:03.0324 0x33ac  [ 90A731E80DA9602B36887B572F5EEC23, 138221661AA91035341D08882EFD727920168FF5AC8CE2E4AD7CE0D081B8B2B3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:03:03.0408 0x33ac  IntcAzAudAddService - ok
11:03:03.0416 0x33ac  [ F1B552F7ACDF6E3E4DDDB76118CAFDE3, C4047BAAECF6FA3B73EB684F53C7F81A08AA39F42F8DC7C31BF35DFA93B7C647 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
11:03:03.0423 0x33ac  intelide - ok
11:03:03.0428 0x33ac  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
11:03:03.0438 0x33ac  intelpep - ok
11:03:03.0444 0x33ac  [ 2CEF9DEB97B2CA327175EE8AD5F195A1, 1D6A3B47A844A235B73F8DC2BF872A943FE980480480843EDD5935307C115B3E ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
11:03:03.0456 0x33ac  intelppm - ok
11:03:03.0459 0x33ac  [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
11:03:03.0466 0x33ac  iorate - ok
11:03:03.0470 0x33ac  [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:03:03.0490 0x33ac  IpFilterDriver - ok
11:03:03.0505 0x33ac  [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:03:03.0533 0x33ac  iphlpsvc - ok
11:03:03.0537 0x33ac  [ 5C58142E0F1F8AA379748CC123BA7527, 1D6D42F2595DF3C0EE8FEF751F13119951A2D040D2B22A7F0CBD6083B49F8A37 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:03:03.0546 0x33ac  IPMIDRV - ok
11:03:03.0552 0x33ac  [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
11:03:03.0567 0x33ac  IPNAT - ok
11:03:03.0580 0x33ac  [ 8A2A79444C72D6342976724F6908495B, 11F1246457C2171BA73C9B2BB78BC88662B3DD174C0249980528911F794C6A62 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:03:03.0596 0x33ac  iPod Service - ok
11:03:03.0599 0x33ac  [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
11:03:03.0612 0x33ac  IPT - ok
11:03:03.0616 0x33ac  [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
11:03:03.0629 0x33ac  IpxlatCfgSvc - ok
11:03:03.0633 0x33ac  [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda            C:\WINDOWS\system32\drivers\irda.sys
11:03:03.0646 0x33ac  irda - ok
11:03:03.0649 0x33ac  [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
11:03:03.0659 0x33ac  IRENUM - ok
11:03:03.0662 0x33ac  [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon           C:\WINDOWS\System32\irmon.dll
11:03:03.0672 0x33ac  irmon - ok
11:03:03.0675 0x33ac  [ 38A6EC08D0067DECF7B5BA4C871B846C, 0FAB8EACA2BB4A0BF3895B6BB7CA9BCF74447CF640535A57998C6A4A35EAC030 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
11:03:03.0682 0x33ac  isapnp - ok
11:03:03.0689 0x33ac  [ 5529131AAB75E07D9295B19E20C54DAE, C2F2C7D33945C13DDC5EF540581772CEF73EFB23F19E6BCDBB6A99D8C96A302B ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
11:03:03.0701 0x33ac  iScsiPrt - ok
11:03:03.0706 0x33ac  [ C35FD802C800F3CBB4FD426D5A542A22, B2325956DB68222C5FBB43DFA0BF5EEC073470010E13997F2A5635CC89D66872 ] ItSas35i        C:\WINDOWS\system32\drivers\ItSas35i.sys
11:03:03.0715 0x33ac  ItSas35i - ok
11:03:03.0720 0x33ac  [ 17F3B012B28F27E7B813A7B037A3D790, DADE75BB016438B7E0A11A1CF1FFA596C27246EF7F4E04D96366029C9F65F0C5 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
11:03:03.0727 0x33ac  kbdclass - ok
11:03:03.0731 0x33ac  [ 843B4BBD15DD0340C5C293CD419D4A76, F6D17CCE13697669DA4EF1F83E394F5496C437496E0E09307F8B615DE3216CC5 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
11:03:03.0741 0x33ac  kbdhid - ok
11:03:03.0744 0x33ac  [ 5BBB86F3F1700E0ACE1DF10F0EF7B227, 348FE61522F8C24F407F87D2966F62BD816DF27CD824AC103699CA66EE799640 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
11:03:03.0756 0x33ac  kdnic - ok
11:03:03.0759 0x33ac  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] KeyIso          C:\WINDOWS\system32\lsass.exe
11:03:03.0766 0x33ac  KeyIso - ok
11:03:03.0771 0x33ac  [ D54931F61470509C2DEBF6B99F9C314F, D054A3E8EC01AF0175B7764E98E0C764F5CD446C89E156FE4035D032CC30B026 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
11:03:03.0780 0x33ac  KSecDD - ok
11:03:03.0786 0x33ac  [ C52C20AACA6DEB2711C247CA24008CF1, B64D033983F4516977B31BB6A622A2A661B6AE89366031C86E1C8481DE741525 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:03:03.0795 0x33ac  KSecPkg - ok
11:03:03.0798 0x33ac  [ 10F2EBC1F1C4549C355781715DE47B66, 9D23CBA56245532D88396DF99C62A26E71A7EEEF7CD8BA98FFF9FD2804DDF946 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
11:03:03.0808 0x33ac  ksthunk - ok
11:03:03.0817 0x33ac  [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
11:03:03.0835 0x33ac  KtmRm - ok
11:03:03.0843 0x33ac  [ 081D030BC669BDEDC68B8FE81A67E6A7, B5C1FA89ACAE1683A524CD14E2D7D6C3C1FAE0ABCD330841D493FC6DB0843798 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
11:03:03.0861 0x33ac  LanmanServer - ok
11:03:03.0868 0x33ac  [ 514E8BD07F42D95667F54777D57403D0, 3D024A18F7AC70A846FAB3255AA1048F8DD1DC4301F1B70B647B71F5E7A1AA24 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:03:03.0886 0x33ac  LanmanWorkstation - ok
11:03:03.0892 0x33ac  [ 808AEDFB82408AF854A32EFBF54F7066, CBD0E6F367BD6DEE1A2C9F6754BC3BE18AFD5715D3D69399D3104406127BB32A ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
11:03:03.0898 0x33ac  Lexware_Update_Service - ok
11:03:03.0902 0x33ac  [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
11:03:03.0913 0x33ac  lfsvc - ok
11:03:03.0917 0x33ac  [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
11:03:03.0928 0x33ac  LicenseManager - ok
11:03:03.0932 0x33ac  [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
11:03:03.0943 0x33ac  lltdio - ok
11:03:03.0950 0x33ac  [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
11:03:03.0967 0x33ac  lltdsvc - ok
11:03:03.0970 0x33ac  [ BD35F484DA59014D091736F8F10BFB42, 7004408EEE281BA707248369910483928A15F3304F4A8F594EA2E04D43929926 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
11:03:03.0982 0x33ac  lmhosts - ok
11:03:03.0987 0x33ac  [ 48380096385DB46E43D85CD92B9500DB, D93F4FDAA5A665E09004F7676E821AEAD0ED059F0E006FF73F02BB8FF1C0F9FC ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
11:03:03.0996 0x33ac  LSI_SAS - ok
11:03:04.0001 0x33ac  [ F708223E5829510DF0D5AF209D11C8B8, DE82ACC6D04092C22BA4E63CF527814467870A10B93D7E9B061DBA23CEF9424B ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
11:03:04.0010 0x33ac  LSI_SAS2i - ok
11:03:04.0015 0x33ac  [ B91BCC8F670F128A4BB826ACF2C2B9D5, D905232E3E49EA6CACE04CDB241D12CA9E84F106D15340C921B980610C1080FB ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
11:03:04.0024 0x33ac  LSI_SAS3i - ok
11:03:04.0029 0x33ac  [ FA31CDF977CD31AF9AEAAA422966ACC1, 705761786930A2534CD1B797F5F16F56F58647192175F5D19E13642A89462CAA ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
11:03:04.0038 0x33ac  LSI_SSS - ok
11:03:04.0051 0x33ac  [ 52B6D805C60127F0456DF019775F5740, 3005C49349072EDD68DBFC6DBF884FC75E060920EA3FA90A60C39F5A83939595 ] LSM             C:\WINDOWS\System32\lsm.dll
11:03:04.0076 0x33ac  LSM - ok
11:03:04.0081 0x33ac  [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
11:03:04.0093 0x33ac  luafv - ok
11:03:04.0099 0x33ac  [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc          C:\WINDOWS\System32\LanguageOverlayServer.dll
11:03:04.0113 0x33ac  LxpSvc - ok
11:03:04.0117 0x33ac  [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
11:03:04.0130 0x33ac  MapsBroker - ok
11:03:04.0140 0x33ac  [ BD3D311802427608403C5E73A8D6137D, C85DCB557E931E302AF90270731C3F5AA820CDF14D7DBACA95284FD9E4BF5F3D ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
11:03:04.0156 0x33ac  mausbhost - ok
11:03:04.0160 0x33ac  [ 61C2D9790943D8E3AD05AE35E4A313EF, 96BBA5333F4AEEE41FAD28124DD448CFECD8111F931758CAB60FCB1DAA05E239 ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
11:03:04.0167 0x33ac  mausbip - ok
11:03:04.0171 0x33ac  [ 61BCE12529E96E6F0335A2A8DEB83C61, BFDD1E52736311CF53AE9C778C664D37B5B711B544BC41BDFB137F7A9789AD2A ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
11:03:04.0178 0x33ac  megasas - ok
11:03:04.0182 0x33ac  [ CA22763F12783A9C81C512ED747CECDD, 8D2403364D5479D89479FA0C23BB9511A4360F51504F78AA1675220CDCD21398 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
11:03:04.0190 0x33ac  megasas2i - ok
11:03:04.0194 0x33ac  [ FDB06D857FC43D654547BBB31D039DB4, 4CBE0F0FBDD88A5DB4F333466BB4E1C886E0742D41B4ED418587B40C4F59B307 ] megasas35i      C:\WINDOWS\system32\drivers\megasas35i.sys
11:03:04.0201 0x33ac  megasas35i - ok
11:03:04.0213 0x33ac  [ 230361AF74DDB91705284E024A22DF4F, 82F13E3E4A8B3CB6AE65C1C9F878702D16D101B0DCC79B9FF8368F9B87E0F285 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
11:03:04.0230 0x33ac  megasr - ok
11:03:04.0237 0x33ac  [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
11:03:04.0249 0x33ac  MEIx64 - ok
11:03:04.0252 0x33ac  [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
11:03:04.0264 0x33ac  MessagingService - ok
11:03:04.0269 0x33ac  [ 1ECAB1D7A88F953397D09ECFCF789B91, 42AFE658FABAA6816700886B2F0697A692DE6B5DB0B90B361E099BF79B44E389 ] Microsoft_Bluetooth_AvrcpTransport C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys
11:03:04.0279 0x33ac  Microsoft_Bluetooth_AvrcpTransport - ok
11:03:04.0294 0x33ac  [ A8931C3820D5F392D89176E0628E766E, 0F035833B1CBABDF9E5142F3E5EB6413DC7DDBF3A0562170018A8EBA20992CA4 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
11:03:04.0316 0x33ac  mlx4_bus - ok
11:03:04.0320 0x33ac  [ EB4D7C9354CB88DE4B085EA3EEA5BC76, DD842967ED5A9232AF34E68548C98F9760487D5626C9628A44598A97B28F24D3 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
11:03:04.0331 0x33ac  MMCSS - ok
11:03:04.0334 0x33ac  [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
11:03:04.0344 0x33ac  Modem - ok
11:03:04.0347 0x33ac  [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
11:03:04.0360 0x33ac  monitor - ok
11:03:04.0364 0x33ac  [ 66C9CCC6A100ACF7A4514BD3091CE566, 1423EC39D4203D717B79BF2E5F4A89A0541CCEA2162351A670EA46AA69A0859D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
11:03:04.0371 0x33ac  mouclass - ok
11:03:04.0374 0x33ac  [ 6BE61DAF4CDC0E13940096EAC4A9F490, 954DA0C9FE3881030EC0B9A428C2C2BBC86353EC9421009AC48FDC047315160F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
11:03:04.0383 0x33ac  mouhid - ok
11:03:04.0388 0x33ac  [ 2CFB54C638F75E39FBB22723401A8A56, 5E4B1107534AF4ADCD031FC4931B6819B8371720A3D68B5C9788C2AB34DA2C21 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
11:03:04.0396 0x33ac  mountmgr - ok
11:03:04.0401 0x33ac  [ 9ED85AE9682DE81A22B3FDA490766303, D5998EC9F47F805B70E1667CAF1D52210F7DA565BF944411E455C0AA2F83147F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:03:04.0410 0x33ac  MozillaMaintenance - ok
11:03:04.0416 0x33ac  [ BF2513029E231BE96D82F7C3ABFF87F4, F6DB64112CC50EEE495E2D7C61B8BDBE757A31B03144B0396615FD38C312824E ] MpKsla74aa3e8   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E4501E8-5B48-4EB6-8533-729DC47AC233}\MpKsla74aa3e8.sys
11:03:04.0423 0x33ac  MpKsla74aa3e8 - ok
11:03:04.0427 0x33ac  [ E2E2C07657D8A724FC0B97E828E89701, B72D0C08CB7C7E647E01E19D717D4A6B97E14A60F6600E4039EBE4F26F576D8D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
11:03:04.0439 0x33ac  mpsdrv - ok
11:03:04.0455 0x33ac  [ A69A8D833AB4C94710E00604EAC09BA7, DDE0563780CE6F43ADB0D8DD7993C3576ED49EC1AF35AE7BE3F644CD4C2B545C ] mpssvc          C:\WINDOWS\system32\mpssvc.dll
11:03:04.0486 0x33ac  mpssvc - ok
11:03:04.0493 0x33ac  [ 1E49E45D68E4E7779B9E36F39407C5D9, 08E422BE41A69EE3D9AC482DED2A35D0EF1F366CCC7E6675720479D28E23B6A8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
11:03:04.0504 0x33ac  MRxDAV - ok
11:03:04.0515 0x33ac  [ 3C0FA2ED75875481D00F3D77B1A3E336, 031E1A6F826CEDB44D9FAAA1615872087B822F7A4E0731D3023AEF1CFCD10A2F ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:03:04.0530 0x33ac  mrxsmb - ok
11:03:04.0536 0x33ac  [ 42FE3D84EFE835443151DC2A50D05643, 3582EA0CAA2A02AA9A6FDECF9DE0F962BF10FB1C2E7E804A3F0D62C4A4C365B1 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:03:04.0547 0x33ac  mrxsmb20 - ok
11:03:04.0551 0x33ac  [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
11:03:04.0564 0x33ac  MsBridge - ok
11:03:04.0569 0x33ac  [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC           C:\WINDOWS\System32\msdtc.exe
11:03:04.0583 0x33ac  MSDTC - ok
11:03:04.0587 0x33ac  [ 128E1D8C23F690DF1DD7AFDB214DB6ED, 9A04B77E91956B76B2FA2FE5F192C794E0C1DA708AE99B64B3B3D39902452E39 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:03:04.0596 0x33ac  Msfs - ok
11:03:04.0599 0x33ac  [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:03:04.0607 0x33ac  msgpiowin32 - ok
11:03:04.0609 0x33ac  [ D727DEA75E316C80793C7098225D3F56, F6E7F01DDDED03E29BE64796873875A4CC7215B3C8152192A465EE2E76FFC8A1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:03:04.0618 0x33ac  mshidkmdf - ok
11:03:04.0621 0x33ac  [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
11:03:04.0630 0x33ac  mshidumdf - ok
11:03:04.0633 0x33ac  [ 8E42D6B92CB4567467E29F58F2E31715, F1EEB6811526C079EF8C3702A535B23FA14C5A33CA2B14C9A65BAE136568B724 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
11:03:04.0639 0x33ac  msisadrv - ok
11:03:04.0644 0x33ac  [ C9930B9F2ABF42C732202813951A9A26, FFCE4E4FEC9F8393C75828C1D5CC380A666D4606891789D3A6923CE6701D5D99 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
11:03:04.0658 0x33ac  MSiSCSI - ok
11:03:04.0660 0x33ac  msiserver - ok
11:03:04.0663 0x33ac  [ 6CF0815F0A75828CE1E0EE87EF0082F9, 5F6C7DE2A9EE5E98C02B903F13EF98C95162DAECEC08098972507F626BD71F4B ] MSKSSRV         C:\WINDOWS\System32\drivers\MSKSSRV.sys
11:03:04.0673 0x33ac  MSKSSRV - ok
11:03:04.0677 0x33ac  [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
11:03:04.0690 0x33ac  MsLldp - ok
11:03:04.0693 0x33ac  [ 83364A92271339D8042C9DD5FD938A84, 23B9A90411DEF1ABA0A9EBFA6CC39F7EA2BFABD578F3783AD398551816AFEC2A ] MSPCLOCK        C:\WINDOWS\System32\drivers\MSPCLOCK.sys
11:03:04.0703 0x33ac  MSPCLOCK - ok
11:03:04.0706 0x33ac  [ AE5A4B89CDFF544B6481970BFD48A056, 6BE9ABE33305387AA61B29AB075C2C72CCFC01A7E86C573B6BE9B4A0FFA9D3EC ] MSPQM           C:\WINDOWS\System32\drivers\MSPQM.sys
11:03:04.0715 0x33ac  MSPQM - ok
11:03:04.0724 0x33ac  [ AA4B272A4083356918D96679C74701C2, 42A053E5876761E87CDFC504D76749BE6236BAD275F0ECFD8B8BA1C1658CC73F ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
11:03:04.0737 0x33ac  MsRPC - ok
11:03:04.0741 0x33ac  [ 4566CB65F176CE5CD8FCA487D2E3A64B, C058E431ED6D3F83A6C923648A79664A61A25F8797DA83C4AE25B491CC195F30 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
11:03:04.0749 0x33ac  mssmbios - ok
11:03:04.0751 0x33ac  [ 8A11E03B32840C0B73C14D16794F1A8A, A003C44F5234522454E285D388E506B7880CCE5FCE5622618F97C2DFFC6EA9DB ] MSTEE           C:\WINDOWS\System32\drivers\MSTEE.sys
11:03:04.0761 0x33ac  MSTEE - ok
11:03:04.0763 0x33ac  [ 794285C4F166B8108292E63FEA3C41E3, 69BB7DDB7D6F3D21395432384FB06E114B2C343664CD62A5DE1A95FBC0F5AEDD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
11:03:04.0771 0x33ac  MTConfig - ok
11:03:04.0776 0x33ac  [ EEB9D3E90B83546864211D63C1A0A74A, E67118F7B91A192B50C9C2DC159B4276BBD8BF9CC935ABADA459E4DF4191066A ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
11:03:04.0785 0x33ac  Mup - ok
11:03:04.0789 0x33ac  [ 69CECA6726FAD321F5643B16A1FF3934, 8F43BEC668DD0A1D65D3B545B78AF4324AE36DCC3524B7CF3385FE2B19CB6B07 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
11:03:04.0796 0x33ac  mvumis - ok
11:03:04.0808 0x33ac  [ B66E5DDF484DE03D61B83118E45D5E11, ECADFC9178CC957498F54F22758F4944C23CE692653DA1862061C9382AE8FD23 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:03:04.0829 0x33ac  NativeWifiP - ok
11:03:04.0845 0x33ac  [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
11:03:04.0874 0x33ac  NaturalAuthentication - ok
11:03:04.0881 0x33ac  [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
11:03:04.0899 0x33ac  NcaSvc - ok
11:03:04.0908 0x33ac  [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService      C:\WINDOWS\System32\ncbservice.dll
11:03:04.0927 0x33ac  NcbService - ok
11:03:04.0931 0x33ac  [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
11:03:04.0943 0x33ac  NcdAutoSetup - ok
11:03:04.0948 0x33ac  [ AB9EB3CADF4D415B598487397476A23A, EA48BC5CCD9814F6CA50485818BA150A1066D462306764C197935A926DF0565E ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
11:03:04.0956 0x33ac  ndfltr - ok
11:03:04.0978 0x33ac  [ 5269DDC879DF5FEA2B7DB91AA4726CCA, 14B0A7A03A1A49D7018F8E82A8B95BEDCBF444535B4FF4A38157FC4FD61FA72B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
11:03:05.0008 0x33ac  NDIS - ok
11:03:05.0012 0x33ac  [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
11:03:05.0022 0x33ac  NdisCap - ok
11:03:05.0026 0x33ac  [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
11:03:05.0039 0x33ac  NdisImPlatform - ok
11:03:05.0042 0x33ac  [ 4C8BBD7EE829CE9BFB8E21134AC477E0, ED8E0D603AFFA4BD7C7057B7B10FEB811B89CB8C6D66EC8212AC24062D58CEDB ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:03:05.0052 0x33ac  NdisTapi - ok
11:03:05.0055 0x33ac  [ 76DB7B344F90A29A16CB6B7C67B87CF6, 921E6AF5B22CF3A9E153F6A6F5E3FFE64BE49959AD705F865D2734B0F8A07517 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
11:03:05.0068 0x33ac  Ndisuio - ok
11:03:05.0071 0x33ac  [ A76D79B71300EB3FEDD3D12D4C6F1D76, 9B20C3716DDD9EECCDDFA2C4F1A9ACA512B612A8CDFC8C22B2F867280AE51A3B ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
11:03:05.0080 0x33ac  NdisVirtualBus - ok
11:03:05.0086 0x33ac  [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
11:03:05.0100 0x33ac  NdisWan - ok
11:03:05.0105 0x33ac  [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:03:05.0118 0x33ac  ndiswanlegacy - ok
11:03:05.0121 0x33ac  [ 934E4A5CFD9CB891CD338052FA3467C6, 0D7C1709E6C818E2DA969220C888BF3A28D0952E73322EDDFF66AFEEB03A3103 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
11:03:05.0132 0x33ac  ndproxy - ok
11:03:05.0136 0x33ac  [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:03:05.0149 0x33ac  Ndu - ok
11:03:05.0155 0x33ac  [ A704515CF3038668E9E2CA66E31A0700, 0F5A75AC5FF8E021D15D89ACE4C4D215825D931097E1BB633F46177E36F40157 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
11:03:05.0170 0x33ac  NetAdapterCx - ok
11:03:05.0174 0x33ac  [ DD09E3115DF2CDB36FED21E67149EB91, F2FAD5091F456E593FB25843026C5F2440D3605E5355F5FEFBFEF5E9E70DDED6 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
11:03:05.0181 0x33ac  NetBIOS - ok
11:03:05.0191 0x33ac  [ 045A018E0BA5F9B75C5928A31C0E822C, 4285B752D5D1BC601B43537064DCE385F52A46D13E7988088B3BF2E2ADF3E2F2 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:03:05.0206 0x33ac  NetBT - ok
11:03:05.0211 0x33ac  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:03:05.0218 0x33ac  Netlogon - ok
11:03:05.0225 0x33ac  [ C3D07481FDD607F9B66B2CF1D8E26EF0, 5B20EAE39884B103F83A36E9AA55BA8932432344C7BADB11D8B827C07C7999E4 ] Netman          C:\WINDOWS\System32\netman.dll
11:03:05.0241 0x33ac  Netman - ok
11:03:05.0252 0x33ac  [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
11:03:05.0273 0x33ac  netprofm - ok
11:03:05.0282 0x33ac  [ C8B1AF912319FEF251288BDD27E9576D, 0A8C2CDE353C23F076F6ED8609F3074116179B3C8BF7700324250689FDB2331C ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
11:03:05.0301 0x33ac  NetSetupSvc - ok
11:03:05.0309 0x33ac  [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:03:05.0320 0x33ac  NetTcpPortSharing - ok
11:03:05.0326 0x33ac  [ DA8548D75434CE421BF921BAAC0916D9, 3A7E1D5EC02D6D4FD3321A1B8ADB20E99DD556E2D5FE1C98633F06EE6A023A23 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
11:03:05.0343 0x33ac  netvsc - ok
11:03:05.0355 0x33ac  [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
11:03:05.0380 0x33ac  NgcCtnrSvc - ok
11:03:05.0395 0x33ac  [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
11:03:05.0424 0x33ac  NgcSvc - ok
11:03:05.0434 0x33ac  [ BF69FF80C3975B1D1E9428A689A16CB1, 670016D59D2169B44E2EF4CBDE281A34C4E868D2465362B09FA2DBFA393A2804 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
11:03:05.0452 0x33ac  NlaSvc - ok
11:03:05.0456 0x33ac  [ 7190932DB00BE83B57C01B5EAC4D746B, A3C7C87874620E042EFCDF64332450ACEDD4FAB7F6C1B2DE97A1C6EDA2DA3055 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:03:05.0466 0x33ac  Npfs - ok
11:03:05.0469 0x33ac  [ 218DB396170D77BB94F69B526CC51B8F, 6AACC3C38E22061A210918771D3B087903CB7024AFBD013827864C02CD75A3F9 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
11:03:05.0480 0x33ac  npsvctrig - ok
11:03:05.0483 0x33ac  [ 457DAC0D0978F5391E0742ADCB4C2E28, AD53F2FC597E90AFF0795655A36192BA803AD1E737C86FD216CD39E2EC4F9C36 ] nsi             C:\WINDOWS\system32\nsisvc.dll
11:03:05.0498 0x33ac  nsi - ok
11:03:05.0501 0x33ac  [ A4952889D7C5804F17ABB9F454A371C2, 0FCE2AD4F705805D95993337915607F74CE2AA9EC92919DDE3D2569D6B9B5C13 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
11:03:05.0510 0x33ac  nsiproxy - ok
11:03:05.0549 0x33ac  [ 2B98586D5D7D536E8BDD33E276A1EE16, 915323F7F06C5B0A076BE840CAC9385FE1288C3DE1BE0A600F31DA72EB144CCE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:03:05.0598 0x33ac  Ntfs - ok
11:03:05.0603 0x33ac  [ C029E5408EEE26C3B4E5BA5D29738DB8, 8463A19A690304DC757E7698FCB59902B6305A0E9C48BF2FB2DF24C1EFA4A6EC ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:03:05.0615 0x33ac  Null - ok
11:03:05.0619 0x33ac  [ 189E5FCB96ABFEA84239A16062256EE4, F3233B1B14363CD4CD032F43368FD10A42C0BE665F4B13A7E253C327C2B832DB ] nvdimm          C:\WINDOWS\System32\drivers\nvdimm.sys
11:03:05.0630 0x33ac  nvdimm - ok
11:03:05.0635 0x33ac  [ 1F50ED95984009BF3634D6BD1A16FA5B, 650A25B2419331D95B1E4C26DE253AC3500374EDEFC5DB55CD5D5884A26783F0 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
11:03:05.0644 0x33ac  nvraid - ok
11:03:05.0649 0x33ac  [ D6C14906B78F235461EEF96A886830D4, 5D0EDE46EB9965C494B994F7071696C91C0C01352D1B000501E7B55F54F11952 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
11:03:05.0658 0x33ac  nvstor - ok
11:03:05.0666 0x33ac  [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
11:03:05.0686 0x33ac  OneSyncSvc - ok
11:03:05.0694 0x33ac  [ B65D999FE008AB8F234944B2BDEF301A, 23DB9A2E32D0479C937A7B607CE34C050CD332C6D211084E70D3D16CBFDD3C87 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:03:05.0703 0x33ac  ose - ok
11:03:05.0712 0x33ac  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:03:05.0733 0x33ac  p2pimsvc - ok
11:03:05.0742 0x33ac  [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
11:03:05.0760 0x33ac  p2psvc - ok
11:03:05.0764 0x33ac  [ 13B175715A4391E4E5D2AB2EBC8CDBB5, 12BA91A586C5A31FBECEB2D4842E52F79EDD3E2AD4DB169C902B9A120AEC0201 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
11:03:05.0775 0x33ac  Parport - ok
11:03:05.0780 0x33ac  [ 428B9FAFB0EE6EF66EAAB7B49A96487A, 90892AC924B529B86B42D011B2B2F0556E204650C890FDACABD8051AD6EDB631 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
11:03:05.0790 0x33ac  partmgr - ok
11:03:05.0801 0x33ac  [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
11:03:05.0818 0x33ac  PcaSvc - ok
11:03:05.0827 0x33ac  [ 7B6C0AFE5029A791F23B03EB13194797, E175EF1248ABD178A3C54D2CA910D2F3B7B1AB07A79CB88A383307EC1876C7A0 ] pci             C:\WINDOWS\system32\drivers\pci.sys
11:03:05.0840 0x33ac  pci - ok
11:03:05.0843 0x33ac  [ C447CDA030A3415711E4E940D2E9B399, 292888AE9D44013D8B12BB1D8803988EFF64957DE682B64FDC82E100646390DA ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
11:03:05.0849 0x33ac  pciide - ok
11:03:05.0854 0x33ac  [ 753174DF234EA8BBF732986D5F78FCE7, 6BE93B24DA2161DAE5ECBE393729BD4661F04CD0CDEBEBF6D92E9E212FA89D71 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
11:03:05.0862 0x33ac  pcmcia - ok
11:03:05.0865 0x33ac  [ 1D05B6DE437515281CD91A16C16529E6, 0FC581E40AF55D916CF428ECF4387C1E909C3361426F1D9F723F9497C9B025D8 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
11:03:05.0873 0x33ac  pcw - ok
11:03:05.0878 0x33ac  [ F5F1A092463D6E46E71CC709A65403D1, 9EEB499D54842667B4ECF1036E28926C8AD20515333373D2965C57BC2C7EAD4C ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
11:03:05.0887 0x33ac  pdc - ok

Alt 28.05.2018, 10:06   #8
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


musste es leider splitten:

Code:
ATTFilter
11:03:05.0901 0x33ac  [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
11:03:05.0926 0x33ac  PEAUTH - ok
11:03:05.0931 0x33ac  [ CD9BA1C279BE0E92E971C2B45A7F3D9B, EC6546868718771EE45D07E9E856E5F33DD4339C1115E4479D7DEF4394D141D0 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
11:03:05.0938 0x33ac  percsas2i - ok
11:03:05.0941 0x33ac  [ 6D5EA79E82A48B181E18C2C39416E8C8, 4F5EF24FFFABB82B1E9D98DE3275508D458589F729C4976FDB3C2EC51549D414 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
11:03:05.0952 0x33ac  percsas3i - ok
11:03:05.0964 0x33ac  [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
11:03:05.0990 0x33ac  PerfHost - ok
11:03:06.0008 0x33ac  [ 630C3D645133B759CFC0E354E2A55D11, 094465C2DB324A784EA505C9C2CF06A12326F105EF767126BBDFBFE3D081E6E0 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
11:03:06.0037 0x33ac  PhoneSvc - ok
11:03:06.0043 0x33ac  [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
11:03:06.0058 0x33ac  PimIndexMaintenanceSvc - ok
11:03:06.0083 0x33ac  [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla             C:\WINDOWS\system32\pla.dll
11:03:06.0129 0x33ac  pla - ok
11:03:06.0134 0x33ac  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
11:03:06.0146 0x33ac  PlugPlay - ok
11:03:06.0149 0x33ac  [ E8BE4041A69023B6A4D1096EE8436347, 133BAA21852D077EA600F0A09C112F6511ACB792757472891E71185E94135D5B ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
11:03:06.0159 0x33ac  pmem - ok
11:03:06.0162 0x33ac  [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM          C:\WINDOWS\System32\drivers\pnpmem.sys
11:03:06.0170 0x33ac  PNPMEM - ok
11:03:06.0173 0x33ac  [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
11:03:06.0183 0x33ac  PNRPAutoReg - ok
11:03:06.0191 0x33ac  [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
11:03:06.0206 0x33ac  PNRPsvc - ok
11:03:06.0216 0x33ac  [ 9744ADAF8DD679D64A33D828FABA39E1, AE820E529697A2F308E6A24127B3D4A7F02C406DA46A6CB65243EC3F6B400950 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
11:03:06.0237 0x33ac  PolicyAgent - ok
11:03:06.0243 0x33ac  [ F39D3876C731BB01BFE8F574188837C8, 51CB5E89397D6A150A05BDD53CC9B90B419A040BE1828C2E7BBD6684FE371588 ] Power           C:\WINDOWS\system32\umpo.dll
11:03:06.0257 0x33ac  Power - ok
11:03:06.0261 0x33ac  [ 1FB09FD846D5030B82EB345E9970A105, 871D38DD966EDD919B2E0C51125E1834A15A0222E2452605988BFD7E7B37C5C1 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
11:03:06.0273 0x33ac  PptpMiniport - ok
11:03:06.0326 0x33ac  [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:03:06.0449 0x33ac  PrintNotify - ok
11:03:06.0458 0x33ac  [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
11:03:06.0472 0x33ac  PrintWorkflowUserSvc - ok
11:03:06.0479 0x33ac  [ E0E55CDA29C80A9520FCFC78D7F8A73D, 9DE15A73643D71183E568F8F4DD8776D935786BE46F15BFE2DFD607378FC9E58 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
11:03:06.0490 0x33ac  Processor - ok
11:03:06.0501 0x33ac  [ C974AC54A9D34AF4899E98ECC1784E03, C71B76743AAF1E8490204F7B8204C4B98BD2BFDEE159EEA42A28A23300D3B87C ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
11:03:06.0521 0x33ac  ProfSvc - ok
11:03:06.0527 0x33ac  [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
11:03:06.0536 0x33ac  Psched - ok
11:03:06.0542 0x33ac  [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall   C:\WINDOWS\system32\PushToInstall.dll
11:03:06.0558 0x33ac  PushToInstall - ok
11:03:06.0565 0x33ac  [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE           C:\WINDOWS\system32\qwave.dll
11:03:06.0581 0x33ac  QWAVE - ok
11:03:06.0585 0x33ac  [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
11:03:06.0596 0x33ac  QWAVEdrv - ok
11:03:06.0599 0x33ac  [ 0FFABEB2D06CD74DDE0BCA510EEAEEBC, 8598F39D312754C92A3776104D596F0C0312712D934B9994B2711F95FA6FE0AE ] Ramdisk         C:\WINDOWS\system32\DRIVERS\ramdisk.sys
11:03:06.0608 0x33ac  Ramdisk - ok
11:03:06.0614 0x33ac  [ B834761352403111D0113284D8736025, 444D05D5F4CED956AFE48CA29CD59420BDB2B14336D19BE2A28612A851EACF4E ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:03:06.0625 0x33ac  RasAcd - ok
11:03:06.0630 0x33ac  [ FA99CE309B66586A0AA6EF9CFF7BC467, 4684EB05828C2153FE94468E7A9A75D8C81F90E700B437C5990BC9451AD39AC7 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
11:03:06.0643 0x33ac  RasAgileVpn - ok
11:03:06.0648 0x33ac  [ C7CCE345D0010B3B9AC5067578436BFE, 4473E7D0492B7F0214576861A6AD90363D7F826B5E0DE15A56E93DA94BBF19E7 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:03:06.0660 0x33ac  RasAuto - ok
11:03:06.0664 0x33ac  [ 775ED7E51B58CF9EB415A1DBA540DACF, A3035A8A299D35B7A24A347FB8A2DB6B5892FD2A181D90F64CCD4806EA154395 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
11:03:06.0677 0x33ac  Rasl2tp - ok
11:03:06.0694 0x33ac  [ 5AD6D0A830EAE44DB17E612824ACDF3D, 2094737D7D6CB8246F12D2020710BA94C1544835FE354524159CF7D4BD7B68CB ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:03:06.0725 0x33ac  RasMan - ok
11:03:06.0730 0x33ac  [ E2433A620ABF4083157944E4692C500D, 126CA9F9D38FB4FA312A82FEA24C13D0693407384B1BCD55A0CBEFA8E52E1D8A ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:03:06.0741 0x33ac  RasPppoe - ok
11:03:06.0745 0x33ac  [ EE5D1D51FA74ECCE57CF2DB8F6A417D8, CC295366C60CAECA7CC32903E3A983635B55A5F5FD6E6BC4FEFE997B8154345C ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
11:03:06.0756 0x33ac  RasSstp - ok
11:03:06.0766 0x33ac  [ FFE99C3066FCBC23AA957BD23EC39839, 7FE3F8A0EC0C3C0AB85143C1D325978B99533A2535965DFB989C0A41E6DC2677 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:03:06.0780 0x33ac  rdbss - ok
11:03:06.0784 0x33ac  [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
11:03:06.0797 0x33ac  rdpbus - ok
11:03:06.0803 0x33ac  [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
11:03:06.0815 0x33ac  RDPDR - ok
11:03:06.0820 0x33ac  [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
11:03:06.0827 0x33ac  RdpVideoMiniport - ok
11:03:06.0834 0x33ac  [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
11:03:06.0846 0x33ac  rdyboost - ok
11:03:06.0875 0x33ac  [ 03C37A5A2FA13F3B669BC56358FC96CE, E38FE4AC6DDC431DA37FEB667A5C224A1BBE2D9F69949859DCB2628150B8C095 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
11:03:06.0915 0x33ac  ReFS - ok
11:03:06.0934 0x33ac  [ 51E5E37F672641BDE9CF004A61529F4D, AE5F7C3706ABE89C99485605C3FD03FD016A0A462A733BBD58A85BDC584615AA ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
11:03:06.0957 0x33ac  ReFSv1 - ok
11:03:06.0969 0x33ac  [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:03:06.0990 0x33ac  RemoteAccess - ok
11:03:06.0996 0x33ac  [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:03:07.0009 0x33ac  RemoteRegistry - ok
11:03:07.0023 0x33ac  [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
11:03:07.0049 0x33ac  RetailDemo - ok
11:03:07.0056 0x33ac  [ 59F600BDA5B6EE591802945F1D8388D5, A30593A0EC696DE21264969664261E7ADA12C9E1161445BD41E71B7E3232604F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
11:03:07.0069 0x33ac  RFCOMM - ok
11:03:07.0074 0x33ac  [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy         C:\WINDOWS\System32\drivers\rhproxy.sys
11:03:07.0084 0x33ac  rhproxy - ok
11:03:07.0090 0x33ac  [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
11:03:07.0102 0x33ac  RmSvc - ok
11:03:07.0106 0x33ac  [ 3CD63AE6A9A1DE4CD5831AE15221C861, CB8B5FDA48D9D4E5A9F26F67859105E2769AF82B2CA1B0B35D9BFBA611445CC0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
11:03:07.0121 0x33ac  RpcEptMapper - ok
11:03:07.0124 0x33ac  [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:03:07.0134 0x33ac  RpcLocator - ok
11:03:07.0154 0x33ac  [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] RpcSs           C:\WINDOWS\system32\rpcss.dll
11:03:07.0187 0x33ac  RpcSs - ok
11:03:07.0192 0x33ac  [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
11:03:07.0204 0x33ac  rspndr - ok
11:03:07.0218 0x33ac  [ CBF9E49EAA55C4E5C5CA1BE7A90D3389, BD0BA3FD86BC9C822B0B8E9683CBF8758E7390262D5446D7C72D2B9AFED3260B ] RtkBtFilter     C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys
11:03:07.0236 0x33ac  RtkBtFilter - ok
11:03:07.0243 0x33ac  [ FDA82B0465252A84CDCB27F7E22DAF03, 9296FB17851C64933E3C9C63ACB48F9A52FD6E74C635ECA019ADB459FFC925C6 ] RtkBtManServ    C:\WINDOWS\RtkBtManServ.exe
11:03:07.0252 0x33ac  RtkBtManServ - ok
11:03:07.0364 0x33ac  [ A04D9405BCA9F13360234B4EAF1AB1B9, 977629AD825EAE7F14BC20AC6BD85A5A68056B8587EB94D44796259762F417ED ] RTWlanE         C:\WINDOWS\System32\drivers\rtwlane.sys
11:03:07.0493 0x33ac  RTWlanE - ok
11:03:07.0502 0x33ac  [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
11:03:07.0511 0x33ac  s3cap - ok
11:03:07.0514 0x33ac  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:03:07.0522 0x33ac  SamSs - ok
11:03:07.0526 0x33ac  [ 04C51BBD8C9F54E5F2C5D831B03B11E3, 15AD9F224CBBCAFB117574F03C6F1C02639928A95BC4533453EBAFB20F7AE671 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
11:03:07.0534 0x33ac  sbp2port - ok
11:03:07.0541 0x33ac  [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
11:03:07.0559 0x33ac  SCardSvr - ok
11:03:07.0565 0x33ac  [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
11:03:07.0581 0x33ac  ScDeviceEnum - ok
11:03:07.0584 0x33ac  [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:03:07.0597 0x33ac  scfilter - ok
11:03:07.0613 0x33ac  [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:03:07.0645 0x33ac  Schedule - ok
11:03:07.0650 0x33ac  [ 6538E939E55B589AA4F5BC22D35A6B36, 262BB2C6499B1B033E07CD0B8CB9C41122EE9DE52B34F664999B667E1C7CDB0D ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
11:03:07.0659 0x33ac  scmbus - ok
11:03:07.0665 0x33ac  [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
11:03:07.0679 0x33ac  SCPolicySvc - ok
11:03:07.0687 0x33ac  [ 495273177E87B0C34D7E431E9254FA23, 61116DA77622F5A0E931F5033C1B870A22AD3438C056FD1F320F857908E4124B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
11:03:07.0699 0x33ac  sdbus - ok
11:03:07.0702 0x33ac  [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
11:03:07.0709 0x33ac  SDFRd - ok
11:03:07.0714 0x33ac  [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
11:03:07.0730 0x33ac  SDRSVC - ok
11:03:07.0734 0x33ac  [ F80D6C03FEA2F7DEE14023B7229DA8C2, B62AFCFCDE9C1BA0A5D80BAAC3D3D95546DB2E532C04C765FF85B27D1CBD5B8D ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
11:03:07.0743 0x33ac  sdstor - ok
11:03:07.0746 0x33ac  [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon        C:\WINDOWS\system32\seclogon.dll
11:03:07.0756 0x33ac  seclogon - ok
11:03:07.0770 0x33ac  [ 1E8CC4964FEECEE44D720A5130075F79, 75656541633FE90045183C68F4A81F1AA305E4A03CFBF7C50F226F18000924D5 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
11:03:07.0792 0x33ac  SecurityHealthService - ok
11:03:07.0813 0x33ac  [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
11:03:07.0851 0x33ac  SEMgrSvc - ok
11:03:07.0856 0x33ac  [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS            C:\WINDOWS\System32\sens.dll
11:03:07.0867 0x33ac  SENS - ok
11:03:07.0888 0x33ac  [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
11:03:07.0927 0x33ac  SensorDataService - ok
11:03:07.0942 0x33ac  [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService   C:\WINDOWS\system32\SensorService.dll
11:03:07.0971 0x33ac  SensorService - ok
11:03:07.0977 0x33ac  [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
11:03:07.0994 0x33ac  SensrSvc - ok
11:03:07.0998 0x33ac  [ C5CF2941AA9E417B3A224601255C002E, 31E2988E13D9BB3630980E8B71AE5FB244EFB15970623C1FE76B7ACA25A4A2F2 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
11:03:08.0006 0x33ac  SerCx - ok
11:03:08.0011 0x33ac  [ B9C113BD9FCA4F3E23F03708A7DA07CC, 0A070BDDA956B1869D58A173B56ABA011E1F7A3C5D258343D0AEDC1EC87F4B53 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
11:03:08.0020 0x33ac  SerCx2 - ok
11:03:08.0023 0x33ac  [ 1845736FA47A1DFBBB642FE21095B4E0, 057E8750E8695F6B72A33BBF1C5CFCCD6BFC992E6B99A487A07F5A4921004791 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
11:03:08.0031 0x33ac  Serenum - ok
11:03:08.0037 0x33ac  [ F1BABF50469041797ED9928C31318832, 1A8C75F4696D4D2AA47EA33BC96069A394466953EBC3CFB2B3D6B961B8B5875A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
11:03:08.0046 0x33ac  Serial - ok
11:03:08.0049 0x33ac  [ 340116988930B07629A2D0C2B380A365, EBAAC3DF2E8DABFB477340E79FC8E3A8B74340C389D73E51D64A97A332664113 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
11:03:08.0059 0x33ac  sermouse - ok
11:03:08.0068 0x33ac  [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
11:03:08.0087 0x33ac  SessionEnv - ok
11:03:08.0090 0x33ac  [ 77FF0A5BA023D8E8C82EACCD54EA5C78, A4A88A550419C347E369DDD29D4EB5C1BC4D980FBA9C655DF787A166FCA2497D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
11:03:08.0098 0x33ac  sfloppy - ok
11:03:08.0102 0x33ac  [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
11:03:08.0110 0x33ac  SgrmAgent - ok
11:03:08.0115 0x33ac  [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker      C:\WINDOWS\system32\SgrmBroker.exe
11:03:08.0125 0x33ac  SgrmBroker - ok
11:03:08.0137 0x33ac  [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:03:08.0162 0x33ac  SharedAccess - ok
11:03:08.0177 0x33ac  [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
11:03:08.0203 0x33ac  SharedRealitySvc - ok
11:03:08.0215 0x33ac  [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:03:08.0242 0x33ac  ShellHWDetection - ok
11:03:08.0248 0x33ac  [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
11:03:08.0263 0x33ac  shpamsvc - ok
11:03:08.0266 0x33ac  [ 1443CF919C2A3207CE7724E0A31686A2, 3F0ECC565F67638A57A23BF69C399AD638DA9F81F1660CF3E027DC057E990EA4 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:03:08.0273 0x33ac  SiSRaid2 - ok
11:03:08.0277 0x33ac  [ C0B1EAD6CC127CAE4E84EBF54105B3B8, 86F5C937D9DC61F262FF00B45249162F4087B6A1CA0FC24EF7950E4E77FEF26B ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
11:03:08.0284 0x33ac  SiSRaid4 - ok
11:03:08.0293 0x33ac  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:03:08.0304 0x33ac  SkypeUpdate - ok
11:03:08.0308 0x33ac  [ B7C6144293CFAD2DEDCD022C44735DC2, 75F26A8F43EED45764D50B2CCE44C453BFBBD0FA56B6AF1F2B4B8B3665C3961E ] smphost         C:\WINDOWS\System32\smphost.dll
11:03:08.0319 0x33ac  smphost - ok
11:03:08.0331 0x33ac  [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
11:03:08.0354 0x33ac  SmsRouter - ok
11:03:08.0359 0x33ac  [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:03:08.0371 0x33ac  SNMPTRAP - ok
11:03:08.0384 0x33ac  [ 3F11BAB1C9963BFD648A80C0BE71AAAC, C39CA1CE9C16C119C7C8AC677E1608B013146039FBC9E34F88406444B7C2B5BE ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
11:03:08.0401 0x33ac  spaceport - ok
11:03:08.0406 0x33ac  [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
11:03:08.0413 0x33ac  SpatialGraphFilter - ok
11:03:08.0417 0x33ac  [ D05EB2BB52EC6B665D1631EC33241B80, 29598FC180020515254A9FAE7BE8077549C656EDB425059691007EEC0F9346F9 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
11:03:08.0425 0x33ac  SpbCx - ok
11:03:08.0442 0x33ac  [ 14C99B814E284592548C4D63AE5BE954, B47FEAAAC512D07F1F9489FC1F51F0D3965F762AA02662E24F7272A208D96E6F ] spectrum        C:\WINDOWS\system32\spectrum.exe
11:03:08.0477 0x33ac  spectrum - ok
11:03:08.0494 0x33ac  [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
11:03:08.0522 0x33ac  Spooler - ok
11:03:08.0586 0x33ac  [ FEEC8055C5986182C717DD888000AEF6, E09B7B1DE43A226842A4B8C591D712E51585BC7E8A39CFB8852CBF16D234C3A6 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
11:03:08.0674 0x33ac  sppsvc - ok
11:03:08.0692 0x33ac  [ 3EB4023AC700182D84CB6761D3727394, 6993C127F4AD8B899E6A285EDB849807F522D9B0A0018E5436114F527EC8B1F1 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
11:03:08.0718 0x33ac  srv2 - ok
11:03:08.0726 0x33ac  [ 63ADE24D0B3F655ED3F5B6E7F09B2312, 2387FB2FAB3F8A15CBDC069AC140F01B9012B5EF8A0E7434B78571B24F4ADB1E ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:03:08.0742 0x33ac  srvnet - ok
11:03:08.0749 0x33ac  [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:03:08.0764 0x33ac  SSDPSRV - ok
11:03:08.0775 0x33ac  [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent       C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
11:03:08.0798 0x33ac  ssh-agent - ok
11:03:08.0805 0x33ac  [ C7DF51E24DD853E7E2D3C0BCDCE57D6C, D1BFDC89F00C5B8388EB233290B6D540C246D0267B1C192C51645004A8CD8C62 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
11:03:08.0821 0x33ac  SstpSvc - ok
11:03:08.0826 0x33ac  [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:03:08.0834 0x33ac  ssudmdm - ok
11:03:08.0904 0x33ac  [ BDFDF0A5B3622E4320C72D5B9619C9B2, EC0B8A80302B118D6148B9B4488D3E0D220B23FFC9F28F9956F3D46265CBEF14 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
11:03:09.0000 0x33ac  StateRepository - ok
11:03:09.0008 0x33ac  [ DA82903F26AE12034CC5229F61098948, E7B5CA27C864BE95EC109D0692F44BE9F5F56AB6173AB1811F4E83A3EB5F26CA ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
11:03:09.0015 0x33ac  stexstor - ok
11:03:09.0027 0x33ac  [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc          C:\WINDOWS\System32\wiaservc.dll
11:03:09.0052 0x33ac  stisvc - ok
11:03:09.0057 0x33ac  [ F2D1983C7BEF5E3AB8978A7796C59A75, 39B2005F7CCEC95D2F67AE5F69C3768FEFA04AABC0723BAD8A986A036AF0629B ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
11:03:09.0066 0x33ac  storahci - ok
11:03:09.0069 0x33ac  [ 76C9E2AA3400C22FC7091AD2F2999F95, 0015CF42CBA603448DFD85909D5047D5F9BE9153972C3832B1CF4B92A6BF0D01 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
11:03:09.0076 0x33ac  storflt - ok
11:03:09.0080 0x33ac  [ FF70FB4B82C27B87CBDE2B7F8F1BB96F, B7985CD42962943D09E7B692421D162F0F0FC1C3A7ED0C78FB10652E62591645 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
11:03:09.0088 0x33ac  stornvme - ok
11:03:09.0092 0x33ac  [ 47CE4211A40C2C023A8138E18757F3D2, D684D2A7DECC23418A685358EA9B4F6EB3A68C690D5ED8E82F4B4639DF022775 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
11:03:09.0106 0x33ac  storqosflt - ok
11:03:09.0123 0x33ac  [ 3B4F0D616CC972A286003134809D26F5, 5711025BD7D1EEBB6A9A35E47DF297522BD082EA9C34E09F055A183E00453DF4 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
11:03:09.0157 0x33ac  StorSvc - ok
11:03:09.0161 0x33ac  [ 99DE14B208B6F3EE07E8B7FB16940D50, 313B8BDBB050D4A2E4B901FA0F84D4E4D8BADC161762D559D6A7F85CC096B3E0 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
11:03:09.0169 0x33ac  storufs - ok
11:03:09.0172 0x33ac  [ 1FC7B7BE58A29DF27F5E6F6C2F061FA3, D8CD6D1BD0ACA4B851DBC85F898CB5DA8715C5AB3D62D7B0D6BBFEADC0382A8E ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
11:03:09.0179 0x33ac  storvsc - ok
11:03:09.0182 0x33ac  [ 0B154B033AD7F9215DED11E0CFC80A25, 383D7BF361D75A3B78E4C8E3F616E487FA6172F860AE364B1AC73F75BE38944F ] svsvc           C:\WINDOWS\system32\svsvc.dll
11:03:09.0201 0x33ac  svsvc - ok
11:03:09.0210 0x33ac  [ 54255DF324C621A97220EBFA832237D2, 27BAB2018BE66C67D6C2BBAA8E849E89B4150B8C81E7350DB0A1D14BEEB965D9 ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
11:03:09.0216 0x33ac  swenum - ok
11:03:09.0227 0x33ac  [ B3C113C9B784A4D296C7A7BA515F74BF, 0D20281B8AA9ED6C89E10122F3A153C2E21464686E5A3D2F907224584E6B5BCF ] swprv           C:\WINDOWS\System32\swprv.dll
11:03:09.0248 0x33ac  swprv - ok
11:03:09.0252 0x33ac  [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
11:03:09.0265 0x33ac  Synth3dVsc - ok
11:03:09.0283 0x33ac  [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain         C:\WINDOWS\system32\sysmain.dll
11:03:09.0314 0x33ac  SysMain - ok
11:03:09.0322 0x33ac  [ 607143646829B70F7C60F4CF499AD41D, 00746AA3D0ECE27BC04FCAB4955A199C5E040F850D0129865EC8F03DD202EF7A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:03:09.0339 0x33ac  SystemEventsBroker - ok
11:03:09.0346 0x33ac  [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:03:09.0363 0x33ac  TabletInputService - ok
11:03:09.0370 0x33ac  [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:03:09.0389 0x33ac  TapiSrv - ok
11:03:09.0429 0x33ac  [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
11:03:09.0483 0x33ac  Tcpip - ok
11:03:09.0524 0x33ac  [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
11:03:09.0573 0x33ac  Tcpip6 - ok
11:03:09.0580 0x33ac  [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
11:03:09.0589 0x33ac  tcpipreg - ok
11:03:09.0595 0x33ac  [ 16071C42E21CE3378FA449322FB9AB1D, 44CA7FD91275546492EEF0A59261E2B1C924613515D45EFD2EF0442023B2CBE5 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
11:03:09.0604 0x33ac  tdx - ok
11:03:09.0607 0x33ac  [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
11:03:09.0614 0x33ac  terminpt - ok
11:03:09.0632 0x33ac  [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService     C:\WINDOWS\System32\termsrv.dll
11:03:09.0664 0x33ac  TermService - ok
11:03:09.0669 0x33ac  [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes          C:\WINDOWS\system32\themeservice.dll
11:03:09.0682 0x33ac  Themes - ok
11:03:09.0689 0x33ac  [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
11:03:09.0708 0x33ac  TieringEngineService - ok
11:03:09.0714 0x33ac  [ 8BF5E2FD72E939CF68D617E273034793, EE27D070E1C4EFE902BE173C5561F5601499F835762278CC1E5987886BD8A4D1 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
11:03:09.0728 0x33ac  TimeBrokerSvc - ok
11:03:09.0752 0x33ac  [ 673FB0E68AADCCF840AC7A56A9B38150, A9A1CF08D544A488ECABBFBD994C3A8CEB8CFE86A098DAB8533430BABDEA27EB ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
11:03:09.0794 0x33ac  TokenBroker - ok
11:03:09.0803 0x33ac  [ BF705C64C1522646BF00E72393DC5D6F, 9D60CB5DFBD400C59C33C5221040FBBFE1A18870E75E176A6BC7D352783B56A7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
11:03:09.0814 0x33ac  TPM - ok
11:03:09.0819 0x33ac  [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
11:03:09.0832 0x33ac  TrkWks - ok
11:03:09.0837 0x33ac  [ 4578046C54A954C917BB393B70BA0AEB, 2DFE9DE656B415CF7D81F583F33A20A74CD54C07DB8C3196AA2102431F42F74F ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:03:09.0853 0x33ac  TrustedInstaller - ok
11:03:09.0858 0x33ac  [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
11:03:09.0872 0x33ac  TsUsbFlt - ok
11:03:09.0876 0x33ac  [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:03:09.0884 0x33ac  TsUsbGD - ok
11:03:09.0889 0x33ac  [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
11:03:09.0902 0x33ac  tunnel - ok
11:03:09.0906 0x33ac  [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
11:03:09.0920 0x33ac  tzautoupdate - ok
11:03:09.0924 0x33ac  [ BDFACE024EFF2398214797143AD76C87, EF9B6CB1F6EAE4786BBDE1E0946BECC5BD2AA493FC32A8F779A757BA57238EC9 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
11:03:09.0932 0x33ac  UASPStor - ok
11:03:09.0937 0x33ac  [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
11:03:09.0950 0x33ac  UcmCx0101 - ok
11:03:09.0955 0x33ac  [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
11:03:09.0968 0x33ac  UcmTcpciCx0101 - ok
11:03:09.0972 0x33ac  [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
11:03:09.0983 0x33ac  UcmUcsi - ok
11:03:09.0990 0x33ac  [ 7CC95F6BDEEEC52D53ADC86E5110EDF6, 9A666D7FDA4BC7246027F4171559BABFD537E1422BC6E57454A40B8FA4C696E2 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
11:03:10.0000 0x33ac  Ucx01000 - ok
11:03:10.0004 0x33ac  [ 12E2B6B642360E66396502B62B048694, C9AC86BF767ED4ACE0F58BA3720369A2758BA154AFFE10CAAD5A2C4C259BA50A ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
11:03:10.0014 0x33ac  UdeCx - ok
11:03:10.0022 0x33ac  [ 6A442723D4D05D9F15D24C9942CDA00D, 4A60D6CF7214A3891877AC6E5A49AE49D056567162D6355C0D893510F0241DA7 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
11:03:10.0038 0x33ac  udfs - ok
11:03:10.0042 0x33ac  [ 93F73F95EC7218971928B25F9728C5B4, 1EE71BB16009B57B192148FF5D8BB51191097686518C0179B7019099D6A01888 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
11:03:10.0049 0x33ac  UEFI - ok
11:03:10.0055 0x33ac  [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:03:10.0067 0x33ac  Ufx01000 - ok
11:03:10.0071 0x33ac  [ 78B5C069C9AA1463ACC833FD7E2A3BD5, A44BAB6AB5E071537BD37A26DAF6D0D69BBFFFF686C183BFAAB04286DD3B81BB ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
11:03:10.0080 0x33ac  UfxChipidea - ok
11:03:10.0084 0x33ac  [ 533BF4F456A1C6E7581E8C0A4EC59300, E5AE7EB4A8E6CE410F465C48F102797806172B5881C2CF570A9851CCDFE656FD ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
11:03:10.0093 0x33ac  ufxsynopsys - ok
11:03:10.0099 0x33ac  [ 360FEE6F687D98EFFE46A5433FE6182E, 1A35569DC29F45F78D705BCEDE850CAF86FD27D6253977497EB3B000CAAE0B27 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
11:03:10.0108 0x33ac  umbus - ok
11:03:10.0113 0x33ac  [ F6F1A9D91F684AA02951B96EE8127DAE, 351139331041BC123C9FEE3A5CE4965AFC4CDCA488080338D98C5EB85D5843D4 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
11:03:10.0122 0x33ac  UmPass - ok
11:03:10.0131 0x33ac  [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
11:03:10.0148 0x33ac  UmRdpService - ok
11:03:10.0169 0x33ac  [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
11:03:10.0207 0x33ac  UnistoreSvc - ok
11:03:10.0219 0x33ac  [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:03:10.0240 0x33ac  upnphost - ok
11:03:10.0244 0x33ac  [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
11:03:10.0251 0x33ac  UrsChipidea - ok
11:03:10.0255 0x33ac  [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
11:03:10.0262 0x33ac  UrsCx01000 - ok
11:03:10.0265 0x33ac  [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
11:03:10.0272 0x33ac  UrsSynopsys - ok
11:03:10.0278 0x33ac  [ B7211393225AB05324C52BA47B31FEB4, 3FFB7F1C1CA5001B95026D30ECD1991747DDAFFBE3B4929CAEDFA90E169A28AE ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
11:03:10.0287 0x33ac  usbccgp - ok
11:03:10.0291 0x33ac  [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
11:03:10.0302 0x33ac  usbcir - ok
11:03:10.0307 0x33ac  [ 4269DE1EB8029D55B3BB3A8A330FCF90, 5D9081A07F91AF704D27EEE60516D6E1E0A106D1656CEF0C5C50E51C23E17F61 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
11:03:10.0315 0x33ac  usbehci - ok
11:03:10.0326 0x33ac  [ D67AABAE0C9EBAC9BBA2E20E0AF52EF1, FE51895BB81E5320F66C433378469092D39F325D310543AFE28A5603FA9B4F08 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
11:03:10.0341 0x33ac  usbhub - ok
11:03:10.0353 0x33ac  [ C662CE4F762275109B70B7376067C142, 74A31FF4A84D040523A44D2CAB14BBC13DC09D6902C42200EE7261783C953432 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
11:03:10.0370 0x33ac  USBHUB3 - ok
11:03:10.0373 0x33ac  [ A547E7B1B3FB2228259AA85AC7E82698, AB18BBE30A2D149A0E10621DC8497A72DFB841B09F4E4B47FED21843C0F88D92 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
11:03:10.0383 0x33ac  usbohci - ok
11:03:10.0386 0x33ac  [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
11:03:10.0395 0x33ac  usbprint - ok
11:03:10.0400 0x33ac  [ 45A9E57185B79420EFEA5A4AED655809, 91D4BDBBAF1D06C404AC926357C3F20D780CF5C858B223930D69CFB17D81F3D3 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
11:03:10.0409 0x33ac  usbser - ok
11:03:10.0414 0x33ac  [ CEF7527514EC49EBE0C760D784643EF0, 2A4E49C5C906339C31F0A646E53773297F4B4CEAFD94CE653C37556AE243E104 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:03:10.0422 0x33ac  USBSTOR - ok
11:03:10.0425 0x33ac  [ A4124036C4FD2B94C6157C4588EEB4E3, 595C8BFB5E63AEA2F7DF2745F7C7CE45938B091470C921E3064E766A0E12851F ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
11:03:10.0436 0x33ac  usbuhci - ok
11:03:10.0445 0x33ac  [ 9F4CCFCD4B4C6008C940510E43D54AEC, CD6082E95EBA618490A2A97E258875440B3440E721B21E81608804B90DEF0D20 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:03:10.0459 0x33ac  USBXHCI - ok
11:03:10.0483 0x33ac  [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
11:03:10.0527 0x33ac  UserDataSvc - ok
11:03:10.0548 0x33ac  [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE, F467F39EE09DDC7750BF42C3FF317E0DC324897589268B4C7B63F8E176445820 ] UserManager     C:\WINDOWS\System32\usermgr.dll
11:03:10.0583 0x33ac  UserManager - ok
11:03:10.0606 0x33ac  [ 6103984EBC387D6D27BA003EED63217D, 7F9BD12F75F98E593C753A3397EE8F9E59D944BC4EFBC52279A14BA93A7FA9AE ] UsoSvc          C:\WINDOWS\system32\usocore.dll
11:03:10.0647 0x33ac  UsoSvc - ok
11:03:10.0657 0x33ac  [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc          C:\WINDOWS\System32\vac.dll
11:03:10.0672 0x33ac  VacSvc - ok
11:03:10.0675 0x33ac  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
11:03:10.0683 0x33ac  VaultSvc - ok
11:03:10.0686 0x33ac  [ 8DCB7E5A9497C030484E5AD9E541B85C, 1170E5C190E2B6F2966076EFF11B8476CC03D924F43144C2936E11314A89ACA6 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
11:03:10.0694 0x33ac  vdrvroot - ok
11:03:10.0707 0x33ac  [ 4940B49502323905B66039D0D1AB4613, 963BFD563B5A79F0AE81EB9708E85901A545545D4F25FCF37A17295EE9EDA514 ] vds             C:\WINDOWS\System32\vds.exe
11:03:10.0732 0x33ac  vds - ok
11:03:10.0739 0x33ac  [ 5C25C1A89650C95D15F7988D71487B08, EC42E586309B46CF51EC5DC00362ABA82A503545292CACE7B3D23BB0F5E687B9 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
11:03:10.0749 0x33ac  VerifierExt - ok
11:03:10.0763 0x33ac  [ C1050DFCEFB6C76D554B45CF4CF51372, 52EDEFB26359A6C610F9DB02B7D3CFEFCAB72B62AB3A6B4BD26374E9A645E9BE ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
11:03:10.0782 0x33ac  vhdmp - ok
11:03:10.0786 0x33ac  [ 209A34F4BE17B0A56328C86F8CCC5577, 58F8A57233FC7DD220A6EF64FD48C2A5756B21AB30644FF6919847D13FF44F16 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
11:03:10.0795 0x33ac  vhf - ok
11:03:10.0799 0x33ac  [ 44F4ED5D8FC0CFA7C3755D44C575D994, CB52418888916D185C74992BDD7A26E13A1C60F83E5FF664A3DE00424C1C4BC6 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
11:03:10.0808 0x33ac  vmbus - ok
11:03:10.0811 0x33ac  [ E2D57FB1A62F0BB7F70570806A09CE2B, DCF1699488D913C9E94E2C74CD8606BDAFF69B995B2E3B7DE7F2E9C4D2E6ECF2 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
11:03:10.0819 0x33ac  VMBusHID - ok
11:03:10.0822 0x33ac  [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
11:03:10.0834 0x33ac  vmgid - ok
11:03:10.0842 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
11:03:10.0860 0x33ac  vmicguestinterface - ok
11:03:10.0867 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
11:03:10.0880 0x33ac  vmicheartbeat - ok
11:03:10.0887 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
11:03:10.0900 0x33ac  vmickvpexchange - ok
11:03:10.0908 0x33ac  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
11:03:10.0928 0x33ac  vmicrdv - ok
11:03:10.0936 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
11:03:10.0949 0x33ac  vmicshutdown - ok
11:03:10.0956 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
11:03:10.0970 0x33ac  vmictimesync - ok
11:03:10.0976 0x33ac  [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
11:03:10.0989 0x33ac  vmicvmsession - ok
11:03:10.0997 0x33ac  [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
11:03:11.0011 0x33ac  vmicvss - ok
11:03:11.0016 0x33ac  [ 229CD4485458C9D11E35E1F00F21857D, C939BD79471A1D6EC617BAD840ED678D1EE508AFC19187BC7CD0FB4223EF7A91 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
11:03:11.0024 0x33ac  volmgr - ok
11:03:11.0033 0x33ac  [ 1514506CA7462A64DC38C48108DDBB45, DEE5D7B79962D9EB6D92FCF870CA1B06FE68CE6AE25F82A5B449445C99E76D2A ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
11:03:11.0045 0x33ac  volmgrx - ok
11:03:11.0055 0x33ac  [ F0EE4E6028CCA58BEA9A04E7BEAB7DB4, 628D0E3D60256B914E46C26BCE8F512DFE0409C34EA603EB0A20C80EB469A4D2 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
11:03:11.0068 0x33ac  volsnap - ok
11:03:11.0072 0x33ac  [ 77FD1607F2C371ABD241EC7699C58884, A6FE00D76C615DC641A667EB9B6824C992ED752A31A89AE3FE43BAE5462F3EB7 ] volume          C:\WINDOWS\system32\drivers\volume.sys
11:03:11.0079 0x33ac  volume - ok
11:03:11.0083 0x33ac  [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
11:03:11.0090 0x33ac  vpci - ok
11:03:11.0096 0x33ac  [ ED0B3436E1DE601C6C8EB86789AC8BAB, 0CD186B09903A1D3748A3258D8B84557F3674DA04FEB8EFA24AE81FFE376265C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
11:03:11.0105 0x33ac  vsmraid - ok
11:03:11.0129 0x33ac  [ C7053D974A35EAB81F153FF33C883613, 9D89DC644971F93931D0E59D42ADE0A4AB49A5490709B46FCBBC309041C5432D ] VSS             C:\WINDOWS\system32\vssvc.exe
11:03:11.0174 0x33ac  VSS - ok
11:03:11.0183 0x33ac  [ 3D706FBED35DF3B17809C6714F31F9B0, BBC337479DEB628721E651FC165EA01D986E31950189F1A81534922667101487 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
11:03:11.0195 0x33ac  VSTXRAID - ok
11:03:11.0199 0x33ac  [ 0B11DBB8173AD374D67893D54EBEE9F3, AB8B6FC81244729157E59D062FCC234FD7E818804D94AA6B7BF81E01B7922395 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
11:03:11.0208 0x33ac  vwifibus - ok
11:03:11.0212 0x33ac  [ 95540F74893235C189409C98643D7A77, 4F041301C95F55C8448C3CC5825ED9E631E770BA35BEC8498A0ABB3563584AAE ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
11:03:11.0223 0x33ac  vwififlt - ok
11:03:11.0226 0x33ac  [ 60A14582772A4DF0D0BE27B3F873BE6B, 93DB43D2F4B985A3FF1A152ADEDBB52567CCC29B899F96F8BA0FA9558EF2DF6D ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
11:03:11.0236 0x33ac  vwifimp - ok
11:03:11.0249 0x33ac  [ 4F904ADE8BECDFB48CBA3F44FC0676A1, 2C3D619E9AD0D0DAEC0D170795FD6E5B7FE3FC667C947660320A9BC671B55736 ] W32Time         C:\WINDOWS\system32\w32time.dll
11:03:11.0272 0x33ac  W32Time - ok
11:03:11.0282 0x33ac  [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc    C:\WINDOWS\System32\WaaSMedicSvc.dll
11:03:11.0302 0x33ac  WaaSMedicSvc - ok
11:03:11.0305 0x33ac  [ 87A01F65BD16C9FCCDD1B65F56CB93B0, E84B46DB67F2FCB22DB7130570FE7211FC96A806AC9D1D69D187899C93785CB2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
11:03:11.0314 0x33ac  WacomPen - ok
11:03:11.0325 0x33ac  [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService   C:\WINDOWS\system32\WalletService.dll
11:03:11.0345 0x33ac  WalletService - ok
11:03:11.0350 0x33ac  [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:03:11.0362 0x33ac  wanarp - ok
11:03:11.0366 0x33ac  [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:03:11.0375 0x33ac  wanarpv6 - ok
11:03:11.0379 0x33ac  [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc      C:\WINDOWS\System32\Windows.WARP.JITService.dll
11:03:11.0391 0x33ac  WarpJITSvc - ok
11:03:11.0416 0x33ac  [ 6E235F75DF84C387388D23D697D6540B, 7113DD02243E9368EF3265CF5A7F991F9B4D69CAB70B1A446062F8DD714AFC8E ] wbengine        C:\WINDOWS\system32\wbengine.exe
11:03:11.0464 0x33ac  wbengine - ok
11:03:11.0482 0x33ac  [ A7C39DF528040967C2C281AB5A9DB5D0, B300F663DD45393BB86A1BFBE2EF47CD2315552B2410E3AE3F60E8294DC3E4A9 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
11:03:11.0514 0x33ac  WbioSrvc - ok
11:03:11.0520 0x33ac  [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
11:03:11.0529 0x33ac  wcifs - ok
11:03:11.0546 0x33ac  [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
11:03:11.0577 0x33ac  Wcmsvc - ok
11:03:11.0588 0x33ac  [ B797B163EDCA46B5244F4E083BE7A7E7, 18D977A8015380A87EC9962273B90806145186A69F3455B3445A0FE1FE431219 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
11:03:11.0612 0x33ac  wcncsvc - ok
11:03:11.0617 0x33ac  [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
11:03:11.0631 0x33ac  wcnfs - ok
11:03:11.0635 0x33ac  [ 45545A0E3ECDC23C4E2C104674885F51, DC6042F4A10AA564461623440A6F5A63931D28643131047CF23E4CE1A9461893 ] WdBoot          C:\WINDOWS\system32\drivers\wd\WdBoot.sys
11:03:11.0652 0x33ac  WdBoot - ok
11:03:11.0670 0x33ac  [ 152926023B401D1F5F8852929572F5C3, 61D0FDB0E3A4D16FFA6852174B3824F6294502E331BB0831BCF99F049B09C328 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
11:03:11.0691 0x33ac  Wdf01000 - ok
11:03:11.0701 0x33ac  [ 9A3299DA5B85B13C38C3DAB8F80B608D, E39361AEB53A5E6C5C21A3E708088870B7080EA0CC822E8518DCB579A729FDAA ] WdFilter        C:\WINDOWS\system32\drivers\wd\WdFilter.sys
11:03:11.0712 0x33ac  WdFilter - ok
11:03:11.0717 0x33ac  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
11:03:11.0731 0x33ac  WdiServiceHost - ok
11:03:11.0734 0x33ac  [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
11:03:11.0747 0x33ac  WdiSystemHost - ok
11:03:11.0762 0x33ac  [ EC1414291F8488B983005AC4B9C112C9, 6FB9B33A520808AB53F2C15EFF3ED48EFAF24A7E8F9F38C4AD48A98E24B83654 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
11:03:11.0790 0x33ac  wdiwifi - ok
11:03:11.0794 0x33ac  [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
11:03:11.0800 0x33ac  WdmCompanionFilter - ok
11:03:11.0804 0x33ac  [ BB1DD5254A7BBFE88F85B7EDCA3BE92A, 7B5721AAF9B8D96A2E73C50F873ACD95C0ED8F6915A16D258BDE199CC6FC9851 ] WdNisDrv        C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
11:03:11.0812 0x33ac  WdNisDrv - ok
11:03:11.0880 0x33ac  [ 3769FB7454F9BFD2860D6E1CA0D3DD24, 2E0E9650F1BE1F20D106EC38ACA36B35658F161E1901E412E5AE535F72F5B5DB ] WdNisSvc        C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe
11:03:11.0959 0x33ac  WdNisSvc - ok
11:03:11.0970 0x33ac  [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:03:11.0984 0x33ac  WebClient - ok
11:03:11.0990 0x33ac  [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
11:03:12.0004 0x33ac  Wecsvc - ok
11:03:12.0008 0x33ac  [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
11:03:12.0019 0x33ac  WEPHOSTSVC - ok
11:03:12.0023 0x33ac  [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
11:03:12.0037 0x33ac  wercplsupport - ok
11:03:12.0043 0x33ac  [ 5DDB06B07A60E7AEA69837931373C159, 4E0A3260058B19F414B5053701C4723C27735818212AB3D297F896BF4C39E536 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
11:03:12.0060 0x33ac  WerSvc - ok
11:03:12.0073 0x33ac  [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
11:03:12.0097 0x33ac  WFDSConMgrSvc - ok
11:03:12.0104 0x33ac  [ C16F011763DF92A6B62705DE8FEAB5B9, EAB25EBC9910F5A6C9F082B11D68F9A616B7349590BDB8F1C1040802E4ADF97C ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
11:03:12.0114 0x33ac  WFPLWFS - ok
11:03:12.0118 0x33ac  [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
11:03:12.0131 0x33ac  WiaRpc - ok
11:03:12.0135 0x33ac  [ 3AE28A996C9EB8A6F2AC12BC55035126, E54227B97F42800D445241EA638EFE86A7FEC664E96A0FA38BC48DDF7DA182AD ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
11:03:12.0142 0x33ac  WIMMount - ok
11:03:12.0146 0x33ac  [ B9AD53D60DA72C194F0AA2C89136FA35, DE0DC4F2E623A2F3AB5F57010765954A77E52D995AF74F6D8A52841C941C041B ] WinDefend       C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe
11:03:12.0154 0x33ac  WinDefend - ok
11:03:12.0160 0x33ac  [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
11:03:12.0168 0x33ac  WindowsTrustedRT - ok
11:03:12.0171 0x33ac  [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
11:03:12.0178 0x33ac  WindowsTrustedRTProxy - ok
11:03:12.0194 0x33ac  [ A35C57466BF5E869B5C04BEA55B966D4, 10A04A99106E3C3AB6193874A62D6D950693EBD190C344436D62703F7202DFE3 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:03:12.0218 0x33ac  WinHttpAutoProxySvc - ok
11:03:12.0222 0x33ac  [ 762D8D839C44C5A0BE0449AA84034522, E6602D0FDB501081DF165CE904DA0FEC75F3FE29C3B07B44DED6268612742F9C ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
11:03:12.0229 0x33ac  WinMad - ok
11:03:12.0239 0x33ac  [ 72D83880FEF0C788C5F305F330744208, 3126C2907170BBA47421D61CD6ED04DA3A3FCC66B4DBFCB4E3B56001B3BF6045 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:03:12.0254 0x33ac  Winmgmt - ok
11:03:12.0261 0x33ac  [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
11:03:12.0278 0x33ac  WinNat - ok
11:03:12.0318 0x33ac  [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:03:12.0390 0x33ac  WinRM - ok
11:03:12.0399 0x33ac  [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
11:03:12.0410 0x33ac  WINUSB - ok
11:03:12.0414 0x33ac  [ D2D6DB37E06608A5AF5B68D8E677B219, C7AAFEE7AAF76A4DCFF4FD2EE7232501832A57E3EE92CE20FA4A5D22F03FBE45 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
11:03:12.0421 0x33ac  WinVerbs - ok
11:03:12.0437 0x33ac  [ 99C6BC8CA38A4F3F59EE239850ED22E8, F4D50D4268CAFE75314010AE53313E3EA3CA064CB55E9515508D4144903F4B4E ] wisvc           C:\WINDOWS\system32\flightsettings.dll
11:03:12.0466 0x33ac  wisvc - ok
11:03:12.0504 0x33ac  [ 4058FD1372AF428F4A0C6F9DA90375DB, 0D2F55E87EADE0E49EF5A1337147863707F57E2A7265780C9AE7F2DA82E38739 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
11:03:12.0572 0x33ac  WlanSvc - ok
11:03:12.0609 0x33ac  [ DB98D3F6AA7655AC8AE76745E553BD46, F5DA82BC6DFC3ADCAEB6634A976C15451382B5535F78EE267B5F8E37A9135FDC ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
11:03:12.0672 0x33ac  wlidsvc - ok
11:03:12.0697 0x33ac  [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
11:03:12.0737 0x33ac  wlpasvc - ok
11:03:12.0741 0x33ac  [ EAEF2A087812BB7110C744446AB731D5, F5571D3C47564DFB6182DC43CC28124892323B60C3F389599DFEC94D227B4A86 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
11:03:12.0749 0x33ac  WmiAcpi - ok
11:03:12.0757 0x33ac  [ ABAC310F5E01CBA9B33AE694F99D0977, 700CDC85479CDBF765FB1A6A389DC991FC4D2A77851A81FF80BEED921250DBF6 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:03:12.0771 0x33ac  wmiApSrv - ok
11:03:12.0774 0x33ac  WMPNetworkSvc - ok
11:03:12.0781 0x33ac  [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:03:12.0791 0x33ac  Wof - ok
11:03:12.0826 0x33ac  [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
11:03:12.0873 0x33ac  workfolderssvc - ok
11:03:12.0899 0x33ac  [ 7328299647F28A62D39F9B546BD10C02, 0BD08E05D7FF1D4BF122FF4043B4AFC019183A22FF1E6F0C973DC87471D2EB7E ] WpcMonSvc       C:\WINDOWS\System32\WpcDesktopMonSvc.dll
11:03:12.0942 0x33ac  WpcMonSvc - ok
11:03:12.0947 0x33ac  [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
11:03:12.0963 0x33ac  WPDBusEnum - ok
11:03:12.0967 0x33ac  [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:03:12.0973 0x33ac  WpdUpFltr - ok
11:03:12.0981 0x33ac  [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService      C:\WINDOWS\system32\WpnService.dll
11:03:12.0998 0x33ac  WpnService - ok
11:03:13.0003 0x33ac  [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
11:03:13.0016 0x33ac  WpnUserService - ok
11:03:13.0021 0x33ac  [ C1C2E769FCD3B00A59FF876FB2AD4336, B4D9065268A8B3C509E9160E6F30C20F80D14876C9F6C1057245F09CEB6B0F36 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:03:13.0032 0x33ac  ws2ifsl - ok
11:03:13.0040 0x33ac  [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:03:13.0056 0x33ac  wscsvc - ok
11:03:13.0059 0x33ac  [ A3317B8C6765C18F3BD9FE9DD352B05D, 8312D05F32909933FA692B893D5F6E1DC2E5908C8E590D4B6A51EA724DF4744C ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
11:03:13.0067 0x33ac  WSDPrintDevice - ok
11:03:13.0071 0x33ac  [ 3C15A5AC47B1CA4D9A9F8680E224996F, F95EC4E4E5FDFF1D68179205430AAD01A0124DBD682FAFF6270B99B4AACC793F ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
11:03:13.0083 0x33ac  WSDScan - ok
11:03:13.0085 0x33ac  WSearch - ok
11:03:13.0129 0x33ac  [ 89313A07E7FEC8E2E4352D2059939306, 68D95248CF460D673775C572BB0C929BE56A87CFCE2E4E672EA93D2A5E0A8DE1 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
11:03:13.0206 0x33ac  wuauserv - ok
11:03:13.0214 0x33ac  [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
11:03:13.0225 0x33ac  WudfPf - ok
11:03:13.0232 0x33ac  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
11:03:13.0247 0x33ac  WUDFRd - ok
11:03:13.0254 0x33ac  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:03:13.0268 0x33ac  WUDFWpdFs - ok
11:03:13.0273 0x33ac  [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:03:13.0287 0x33ac  WUDFWpdMtp - ok
11:03:13.0313 0x33ac  [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
11:03:13.0361 0x33ac  WwanSvc - ok
11:03:13.0366 0x33ac  [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm            C:\WINDOWS\system32\xbgmsvc.exe
11:03:13.0375 0x33ac  xbgm - ok
11:03:13.0394 0x33ac  [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
11:03:13.0431 0x33ac  XblAuthManager - ok
11:03:13.0454 0x33ac  [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
11:03:13.0493 0x33ac  XblGameSave - ok
11:03:13.0502 0x33ac  [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
11:03:13.0518 0x33ac  xboxgip - ok
11:03:13.0522 0x33ac  [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
11:03:13.0534 0x33ac  XboxGipSvc - ok
11:03:13.0554 0x33ac  [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
11:03:13.0592 0x33ac  XboxNetApiSvc - ok
11:03:13.0596 0x33ac  [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
11:03:13.0606 0x33ac  xinputhid - ok
11:03:13.0608 0x33ac  ================ Scan global ===============================
11:03:13.0612 0x33ac  [ 44D259E3B8F950D123CBE21893CEF1AB, 94FEA350B54D1581FF07D078D25A27FE3C9F815E24D299A0504FB1153E68A903 ] C:\WINDOWS\system32\basesrv.dll
11:03:13.0616 0x33ac  [ 1C346B5D7E5336246604A9FCFCB092BC, BD0C56C943A8F23CA9CD1CE1FE4F9D2183F752B469A72D14B713301A867AE776 ] C:\WINDOWS\system32\winsrv.dll
11:03:13.0621 0x33ac  [ FE8D1AB6D6711BE791A01C17EDEBD0D6, EECE3A16DFA0BE1BB1E7B882D33FB926C90A1DCA89805DD3514FABF7C9F05253 ] C:\WINDOWS\system32\sxssrv.dll
11:03:13.0634 0x33ac  [ E2F4C75AFA20E742DE1B70372F15DCD7, 6AF120D627E26274D001A01E5CB9B165318B14B9FA8F1C8C59BF069DA1114618 ] C:\WINDOWS\system32\services.exe
11:03:13.0644 0x33ac  [ Global ] - ok
11:03:13.0644 0x33ac  ================ Scan MBR ==================================
11:03:13.0646 0x33ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:03:13.0692 0x33ac  \Device\Harddisk0\DR0 - ok
11:03:13.0693 0x33ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:03:13.0740 0x33ac  \Device\Harddisk1\DR1 - ok
11:03:13.0741 0x33ac  ================ Scan VBR ==================================
11:03:13.0742 0x33ac  [ 6BDAFF64B9109E32EE98849218331D25 ] \Device\Harddisk0\DR0\Partition1
11:03:13.0743 0x33ac  \Device\Harddisk0\DR0\Partition1 - ok
11:03:13.0745 0x33ac  [ 138AB482466209A7CBBE952DB0749CC1 ] \Device\Harddisk0\DR0\Partition2
11:03:13.0746 0x33ac  \Device\Harddisk0\DR0\Partition2 - ok
11:03:13.0747 0x33ac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
11:03:13.0747 0x33ac  \Device\Harddisk1\DR1\Partition1 - ok
11:03:13.0749 0x33ac  [ C70A940300B28AC4F33372C3F8EBDFC1 ] \Device\Harddisk1\DR1\Partition2
11:03:13.0750 0x33ac  \Device\Harddisk1\DR1\Partition2 - ok
11:03:13.0750 0x33ac  ================ Scan generic autorun ======================
11:03:13.0751 0x33ac  SecurityHealth - ok
11:03:13.0874 0x33ac  [ 4D62F6CF3EE29F70FD4788447FFC0565, 3717CA7EA3CD80D63970DF5357EAA1B49A061384A2DA42F0290168308FB4D3AF ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
11:03:14.0010 0x33ac  RTHDVCPL - ok
11:03:14.0039 0x33ac  [ 4CA76F482B73FB396C8E7145C83BFEBC, 77D11B9029B611C826A1C3F27B0130134C45C6C076CA373E6FB3AF4C46FFA6F1 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:03:14.0066 0x33ac  RtHDVBg - ok
11:03:14.0074 0x33ac  [ B3E7F1FBF29EF94A797238B9ACB8D993, AB639B4D972E4FB1A4030C9269078138EABC82A517F39AFDFB77CC70FA5D247A ] C:\Program Files\iTunes\iTunesHelper.exe
11:03:14.0084 0x33ac  iTunesHelper - ok
11:03:14.0105 0x33ac  [ 0BA2D83CC927053D6EBE5EB78E87E809, 86585BFC7B2C3E1D4A725B93C7CE105DDEC585725602814E8A586444B564927F ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
11:03:14.0130 0x33ac  CanonQuickMenu - ok
11:03:14.0140 0x33ac  [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
11:03:14.0151 0x33ac  IJNetworkScannerSelectorEX - ok
11:03:14.0159 0x33ac  [ 7EE1757A50F7C13C0A1BFE58763A2AD3, 322091A9F2287A6782143D2D5D962E7A7C08467D749F0811DBE8F14856B5B817 ] C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
11:03:14.0166 0x33ac  LexwareInfoService - ok
11:03:14.0177 0x33ac  [ 2C8D607BF6C02FA761EEF97D5F321D70, F1834FB3302A495991E1BF17C055145FA755B5916850910A635E13E8BA85EFE6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:03:14.0191 0x33ac  SunJavaUpdateSched - ok
11:03:14.0468 0x33ac  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:03:14.0790 0x33ac  OneDriveSetup - ok
11:03:14.0815 0x33ac  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:03:14.0843 0x33ac  WAB Migrate - ok
11:03:15.0112 0x33ac  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
11:03:15.0392 0x33ac  OneDriveSetup - ok
11:03:15.0417 0x33ac  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
11:03:15.0435 0x33ac  WAB Migrate - ok
11:03:15.0462 0x33ac  [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Menden\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:03:15.0492 0x33ac  OneDrive - ok
11:03:15.0496 0x33ac  Skype - ok
11:03:15.0500 0x33ac  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Menden\AppData\Local\Microsoft\BingSvc\BingSvc.exe
11:03:15.0509 0x33ac  BingSvc - ok
11:03:15.0512 0x33ac  Spotify - ok
11:03:15.0526 0x33ac  [ 74C0393FE87102512E37D2451CF41488, FB794823ACAD9437D5BF38A76D6B482A0FC4CA5AAF19B975305F85888859377B ] C:\Users\Menden\AppData\Roaming\Spotify\SpotifyWebHelper.exe
11:03:15.0544 0x33ac  Spotify Web Helper - ok
11:03:15.0571 0x33ac  [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Vivien\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:03:15.0601 0x33ac  OneDrive - ok
11:03:15.0603 0x33ac  Waiting for KSN requests completion. In queue: 264
11:03:16.0629 0x33ac  AV detected via SS2: Windows Defender, windowsdefender:// (  ), 0x61100 ( enabled : updated )
11:03:16.0639 0x33ac  Win FW state via NFP2: enabled ( trusted )
11:03:16.0778 0x33ac  ============================================================
11:03:16.0778 0x33ac  Scan finished
11:03:16.0778 0x33ac  ============================================================
11:03:16.0784 0x3354  Detected object count: 0
11:03:16.0784 0x3354  Actual detected object count: 0

Alt 28.05.2018, 12:07   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


Keine Schädlinge! Ich wette, du hast kein Schädlingsproblem sondern ein zerschossenes Windows oder defekte Hardware.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.05.2018, 13:19   #10
Stage2009
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) [gelöst]


ok, dass ist ja schon mal ne Aussage. Also wären wir dann hier durch?

LG

Alt 28.05.2018, 13:46   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Standard

Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) [gelöst]


Ich verschiebe jetzt nach Windows...
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)
administrator, adobe, bonjour, canon, defender, explorer, festgestellt, home, homepage, hängen, ics, keine rückmeldung, langsam, microsoft, mozilla, prozesse, realtek, registry, scan, schutz, security, software, system, system32, treiber, windows


« Deinstallation fehlerhafter Updates schlägt fehl | Windows 10 pro, DELL inspiron 17-7779 sporadisch sehr langsam »


Ähnliche Themen: Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)


  1. WIN7 wlan verbindung dauert 2 min, nicht angezeigter Hintergrundprozess bei shut down, IE sehr oft keine Rückmeldung
    Alles rund um Windows - 02.01.2018 (5)
  2. Windows 7 - Oft "Keine Rückmeldung", I-net Seitenaufbau sehr lange, Videos streamen schlecht.
    Plagegeister aller Art und deren Bekämpfung - 05.05.2017 (20)
  3. Notebook sehr langsam / Keine Rückmeldung
    Log-Analyse und Auswertung - 31.10.2015 (7)
  4. Windows 7:GVU Trojaner mit Sperrschirm frst datei erstellt und wie geht es weiter
    Log-Analyse und Auswertung - 07.03.2015 (14)
  5. Pc sehr langsam,hängt und immer keine rückmeldung
    Log-Analyse und Auswertung - 14.11.2014 (5)
  6. Pc wird immer langsamer, Programme zeigen "keine Rückmeldung"
    Log-Analyse und Auswertung - 13.06.2014 (9)
  7. Windows 8 - Firefox - KEINE RÜCKMELDUNG
    Alles rund um Windows - 15.12.2013 (1)
  8. Windows Vista: PC immer langsamer & Programme melden gehäuft "keine Rückmeldung"
    Log-Analyse und Auswertung - 09.09.2013 (15)
  9. Keine Rückmeldung bei Windows 7
    Alles rund um Windows - 21.01.2013 (14)
  10. Langsamer PC, oft Keine Rückmeldung
    Plagegeister aller Art und deren Bekämpfung - 08.10.2012 (31)
  11. Windows 7 HP 64 Bit SP1 (keine Rückmeldung)
    Log-Analyse und Auswertung - 02.10.2012 (19)
  12. PC wird langsamer, Programme hängen sich öfters auf (=keine Rückmeldung)etc.
    Log-Analyse und Auswertung - 05.10.2011 (7)
  13. svchost.exe - (keine Rückmeldung) Windows 7 Home Premium 64 Bit
    Plagegeister aller Art und deren Bekämpfung - 27.02.2011 (1)
  14. Firefox plötzlich sehr langsam! (Keine Rückmeldung)
    Log-Analyse und Auswertung - 25.01.2011 (9)
  15. Windows 7 Problem (Keine Rückmeldung)
    Log-Analyse und Auswertung - 16.02.2010 (4)
  16. Laptop seit einiger Zeit sehr langsam! - Keine Rückmeldung
    Log-Analyse und Auswertung - 20.11.2009 (0)
  17. Sehr langsamer PC - keine Lösung gefunden!
    Log-Analyse und Auswertung - 28.05.2008 (0)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) - Hallo zusammen, ich hoffe jemand kann mir helfen. Meine Lebensgefährtin und ich nutzen gemeinsam den PC (unterschiedliche ACC). Hauptsächlich nutze ich mein Dienstlaptop und habe nun mit erschrecken festgestellt, dass - Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung)...
Archiv
Du betrachtest: Windows 10 Home: Sehr langsamer Boot und FRST erstellt keine Additional Datei (keine Rückmeldung) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131