|
Pests of all kinds and how to fight them: PUP.Optional remains stubborn | Windows 7 | If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
27.07.2018, 15:38 | #1 |
| PUP.Optional remains stubborn A few days ago, while I was visiting Google News pages, a new browser window suddenly opened and I was told to install a security update. That seemed suspicious to me, and I attempted a disinfection with AdwCleaner, Hitman, Spybot S&D and ESET, which initially found PUP.Optional... After removal and a reboot, the computer appeared to be clean again. Unfortunately I then felt safe and deleted the installations as well as the log files. Things were quiet, but today, while visiting a Google News page (Die Zeit), I was suddenly redirected. This time I want to do it better and ask for expert guidance. Thanks, regards, Claus |
31.07.2018, 11:06 | #2 |
| PUP.Optional remains stubborn Sorry, the FRST results should probably have been posted with the first post.
Because of the 120k character limit, I am splitting this into two posts. FRST.txt: Code:
23:15 - 2018-06-15 06:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2018-07-11 23:15 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2018-07-11 23:15 - 2018-06-15 06:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2018-07-11 23:15 - 2018-06-15 06:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2018-07-11 23:15 - 2018-06-15 06:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2018-07-11 23:15 - 2018-06-15 06:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2018-07-11 23:14 - 2018-07-06 16:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2018-07-11 23:14 - 2018-07-06 16:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-07-11 23:14 - 2018-07-06 16:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2018-07-11 23:14 - 2018-07-06 16:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-07-11 23:14 - 2018-07-06 15:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2018-07-11 23:14 - 2018-07-06 15:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll 2018-07-11 23:14 - 2018-07-06 15:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2018-07-11 23:14 - 2018-07-06 15:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2018-07-11 23:14 - 2018-07-06 15:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2018-07-11 23:14 - 2018-07-06 15:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2018-07-11 23:14 - 2018-07-06 15:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2018-07-11 23:14 - 2018-07-06 13:54 - 000485376 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\resutils.dll 2018-07-11 23:14 - 2018-07-06 13:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2018-07-11 23:14 - 2018-07-06 13:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2018-07-11 23:14 - 2018-07-06 13:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-07-11 23:14 - 2018-07-06 13:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2018-07-11 23:14 - 2018-07-06 13:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2018-07-11 23:14 - 2018-07-06 13:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2018-07-11 23:14 - 2018-07-06 13:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2018-07-11 23:14 - 2018-07-06 09:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2018-07-11 23:14 - 2018-07-06 09:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2018-07-11 23:14 - 2018-07-06 09:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll 2018-07-11 23:14 - 2018-07-06 09:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2018-07-11 23:14 - 2018-07-06 09:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2018-07-11 23:14 - 2018-07-06 09:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-07-11 23:14 - 2018-07-06 09:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 
000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-07-11 23:14 - 2018-07-06 09:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2018-07-11 23:14 - 2018-07-06 09:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-07-11 23:14 - 2018-07-06 09:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2018-07-11 23:14 - 2018-07-06 09:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2018-07-11 23:14 - 2018-07-06 09:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2018-07-11 23:14 - 2018-07-06 09:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2018-07-11 23:14 - 2018-07-06 09:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll 2018-07-11 23:14 - 2018-07-06 09:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000453632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\cloudAP.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll 2018-07-11 23:14 - 2018-07-06 08:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll 2018-07-11 23:14 - 2018-07-06 08:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys 2018-07-11 23:14 - 2018-07-06 08:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000813056 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\EdgeManager.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2018-07-11 23:14 - 2018-07-06 08:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000330752 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ncryptprov.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll 2018-07-11 23:14 - 2018-07-06 08:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll 2018-07-11 23:14 - 2018-07-06 08:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2018-07-11 23:14 - 2018-07-06 08:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2018-07-11 23:14 - 2018-07-06 08:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2018-07-11 23:14 - 2018-07-06 08:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-07-11 23:14 - 2018-07-06 08:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2018-07-11 23:14 - 2018-07-06 08:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll 2018-07-11 23:14 - 
2018-07-06 08:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2018-07-11 23:14 - 2018-07-06 08:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2018-07-11 23:14 - 2018-07-06 08:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll 2018-07-11 23:14 - 2018-07-06 08:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2018-07-11 23:14 - 2018-07-06 08:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2018-07-11 23:14 - 2018-07-06 08:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2018-07-11 23:14 - 2018-06-15 19:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll 2018-07-11 23:14 - 2018-06-15 19:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2018-07-11 23:14 - 2018-06-15 19:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2018-07-11 23:14 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2018-07-11 23:14 - 2018-06-15 19:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2018-07-11 23:14 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe 2018-07-11 23:14 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll 2018-07-11 23:14 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2018-07-11 23:14 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll 2018-07-11 23:14 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2018-07-11 23:14 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll 2018-07-11 23:14 - 2018-06-15 19:32 - 000145920 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2018-07-11 23:14 - 2018-06-15 19:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2018-07-11 23:14 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe 2018-07-11 23:14 - 2018-06-15 19:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2018-07-11 23:14 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe 2018-07-11 23:14 - 2018-06-15 19:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2018-07-11 23:14 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe 2018-07-11 23:14 - 2018-06-15 19:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2018-07-11 23:14 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2018-07-11 23:14 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll 2018-07-11 23:14 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll 2018-07-11 23:14 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2018-07-11 23:14 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2018-07-11 23:14 - 2018-06-15 17:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-07-11 23:14 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2018-07-11 23:14 - 2018-06-15 17:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2018-07-11 23:14 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll 2018-07-11 23:14 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe 2018-07-11 23:14 - 2018-06-15 17:04 - 
000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll 2018-07-11 23:14 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe 2018-07-11 23:14 - 2018-06-15 17:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2018-07-11 23:14 - 2018-06-15 17:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2018-07-11 23:14 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll 2018-07-11 23:14 - 2018-06-15 15:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll 2018-07-11 23:14 - 2018-06-15 09:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-07-11 23:14 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys 2018-07-11 23:14 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-07-11 23:14 - 2018-06-15 07:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2018-07-11 23:14 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe 2018-07-11 23:14 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll 2018-07-11 23:14 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll 2018-07-11 23:14 - 2018-06-15 07:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2018-07-11 23:14 - 2018-06-15 07:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-07-11 23:14 - 2018-06-15 07:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2018-07-11 23:14 - 2018-06-15 07:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll 2018-07-11 23:14 - 2018-06-15 07:13 - 000324000 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wow64.dll 2018-07-11 23:14 - 2018-06-15 07:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2018-07-11 23:14 - 2018-06-15 07:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2018-07-11 23:14 - 2018-06-15 07:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2018-07-11 23:14 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2018-07-11 23:14 - 2018-06-15 07:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2018-07-11 23:14 - 2018-06-15 07:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll 2018-07-11 23:14 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll 2018-07-11 23:14 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2018-07-11 23:14 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2018-07-11 23:14 - 2018-06-15 07:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2018-07-11 23:14 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2018-07-11 23:14 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2018-07-11 23:14 - 2018-06-15 07:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-07-11 23:14 - 2018-06-15 07:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-07-11 23:14 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2018-07-11 23:14 - 2018-06-15 07:08 - 000983008 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-07-11 23:14 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2018-07-11 23:14 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2018-07-11 23:14 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2018-07-11 23:14 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys 2018-07-11 23:14 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2018-07-11 23:14 - 2018-06-15 07:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll 2018-07-11 23:14 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2018-07-11 23:14 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll 2018-07-11 23:14 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-07-11 23:14 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll 2018-07-11 23:14 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 001559368 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfplat.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2018-07-11 23:14 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2018-07-11 23:14 - 2018-06-15 07:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2018-07-11 23:14 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll 2018-07-11 23:14 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll 2018-07-11 23:14 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2018-07-11 23:14 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2018-07-11 23:14 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll 2018-07-11 23:14 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2018-07-11 23:14 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll 2018-07-11 23:14 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2018-07-11 23:14 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000871424 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2018-07-11 23:14 - 2018-06-15 06:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2018-07-11 23:14 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2018-07-11 23:14 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll 2018-07-11 23:14 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000426496 
_____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2018-07-11 23:14 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll 2018-07-11 23:14 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe 2018-07-11 23:14 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2018-07-11 23:14 - 2018-06-15 06:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2018-07-11 23:14 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2018-07-11 23:14 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2018-07-11 23:14 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2018-07-11 23:14 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2018-07-11 23:14 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll 2018-07-11 23:14 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2018-07-11 23:14 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll 2018-07-11 23:14 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2018-07-11 23:14 - 2018-06-15 06:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2018-07-11 23:14 - 2018-06-15 06:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll 2018-07-11 23:14 - 2018-06-15 06:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2018-07-11 23:14 - 2018-06-15 06:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2018-07-11 23:14 - 2018-06-15 06:39 - 
000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2018-07-11 23:14 - 2018-06-15 06:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2018-07-11 23:14 - 2018-06-15 06:37 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2018-07-11 23:14 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2018-07-11 23:14 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys 2018-07-11 23:14 - 2018-06-01 07:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat 2018-07-11 23:14 - 2018-05-20 13:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-07-11 23:14 - 2018-05-20 13:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-07-10 20:07 - 2018-07-10 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2018-07-30 18:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-07-30 17:46 - 2016-12-16 16:16 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\vlc 2018-07-30 17:43 - 2018-05-27 19:01 - 000665112 _____ C:\WINDOWS\ntbtlog.txt 2018-07-30 17:31 - 2016-12-16 15:22 - 000000000 ____D C:\Users\CP-MSI\AppData\LocalLow\Mozilla 2018-07-30 17:28 - 2017-08-07 17:53 - 000000000 ____D C:\ProgramData\NVIDIA 2018-07-30 17:28 - 2017-01-25 18:42 - 000000000 ___RD C:\Users\CP-MSI\iCloudDrive 2018-07-30 17:27 - 2016-12-16 15:01 - 000000000 __SHD C:\Users\CP-MSI\IntelGraphicsProfiles 2018-07-30 13:56 - 2016-12-20 11:45 - 000000350 _____ C:\WINDOWS\BRRBCOM.INI 2018-07-30 12:18 - 2018-05-20 00:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-07-30 09:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-07-29 22:46 - 2017-03-31 18:28 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Google 2018-07-29 22:46 - 2017-01-11 14:20 - 000000000 ____D C:\Program Files (x86)\Google 2018-07-29 19:29 - 2017-08-02 10:55 - 000000000 ____D C:\Users\CP-MSI\Desktop\Tp Routine 2018-07-29 12:46 - 2016-12-17 13:38 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Notepad++ 2018-07-29 11:38 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps 2018-07-29 11:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-07-29 10:28 - 2016-12-17 16:20 - 000000000 ____D C:\Users\CP-MSI\.gimp-2.8 2018-07-27 21:32 - 2016-12-17 16:23 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\gtk-2.0 2018-07-27 19:58 - 2016-12-17 13:09 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Adobe 2018-07-27 17:31 - 2016-12-17 13:10 - 000000000 ____D C:\Program Files (x86)\Adobe 2018-07-27 16:41 - 2017-05-24 14:28 - 000000000 ____D C:\Users\CP-MSI\Desktop\Tools 2018-07-27 15:52 - 2018-05-20 00:16 - 001718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-07-27 15:52 - 2018-04-12 18:13 - 000743096 _____ C:\WINDOWS\system32\perfh007.dat 2018-07-27 
15:52 - 2018-04-12 18:13 - 000149732 _____ C:\WINDOWS\system32\perfc007.dat 2018-07-27 15:52 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF 2018-07-27 15:45 - 2018-05-20 00:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-07-27 15:45 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2018-07-25 22:18 - 2017-02-15 22:16 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Downloaded Installations 2018-07-22 12:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-07-19 16:51 - 2018-06-23 20:59 - 000000000 ____D C:\ProgramData\Packages 2018-07-19 06:24 - 2018-05-20 00:17 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039413497-2618475307-42166365-1001 2018-07-19 06:24 - 2018-05-20 00:08 - 000002434 _____ C:\Users\CP-MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-07-19 06:24 - 2016-12-16 15:06 - 000000000 ___RD C:\Users\CP-MSI\OneDrive 2018-07-18 17:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput 2018-07-18 17:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-07-18 16:29 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-07-17 19:40 - 2016-12-17 15:01 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-07-16 12:28 - 2018-05-20 00:08 - 000000000 ____D C:\Users\CP-MSI 2018-07-14 17:03 - 2016-12-30 23:08 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\FileZilla 2018-07-14 16:04 - 2018-05-26 21:44 - 000001937 _____ C:\Users\CP-MSI\Desktop\FileZilla Client.lnk 2018-07-14 16:04 - 2016-12-30 23:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client 2018-07-14 16:03 - 2016-12-30 23:07 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2018-07-13 11:20 - 2016-12-21 10:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-07-13 11:20 - 2016-12-16 15:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-07-12 
01:08 - 2018-05-20 00:06 - 000634968 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-07-12 01:08 - 2017-11-22 12:21 - 000000000 ___RD C:\Users\CP-MSI\3D Objects 2018-07-12 01:08 - 2016-04-09 15:38 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA 
2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\zu-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\yo-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\xh-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\wo-SN 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tn-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ti-ET 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\rw-RW 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\nso-ZA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ig-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA 2018-07-12 01:07 - 2018-04-12 18:17 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ 2018-07-12 01:07 - 2018-04-12 01:38 - 000000000 ___RD 
C:\WINDOWS\ImmersiveControlPanel 2018-07-12 01:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2018-07-12 01:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-07-12 01:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-07-11 23:14 - 2016-12-17 17:36 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-07-11 23:12 - 2016-12-17 17:36 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-07-11 10:18 - 2018-05-20 00:17 - 000004626 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-07-11 10:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-07-11 10:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-07-10 22:45 - 2017-08-11 13:33 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-07-10 20:26 - 2017-01-09 15:56 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Audacity 2018-07-10 20:10 - 2017-11-11 20:09 - 000001826 _____ C:\Users\Public\Desktop\iTunes.lnk 2018-07-10 20:10 - 2017-07-20 12:47 - 000000000 ____D C:\Program Files\iTunes 2018-07-10 20:10 - 2017-07-20 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2018-07-10 20:10 - 2017-07-20 11:37 - 000000000 ____D C:\Program Files\iPod 2018-07-10 13:04 - 2017-04-12 10:21 - 000376832 _____ (MARX CryptoTech LP ) C:\WINDOWS\SysWOW64\MPIWIN32.DLL 2018-07-06 11:54 - 2017-08-11 13:33 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-12-16 15:01 - 2016-12-16 15:01 - 000003332 _____ () C:\Users\CP-MSI\installshield_scm.reg 2016-12-16 15:01 - 2016-12-16 15:01 - 000001860 _____ () C:\Users\CP-MSI\scm.reg 2018-06-13 09:01 - 2018-06-13 09:01 - 033836800 _____ (TrueFire) C:\Users\CP-MSI\AppData\Roaming\TrueFireInstaller.exe 2017-06-01 20:25 - 2018-06-05 17:56 - 000005632 _____ () 
C:\Users\CP-MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2017-03-07 00:03 - 2017-03-07 00:03 - 000000001 _____ () C:\Users\CP-MSI\AppData\Local\llftool.4.40.agreement 2018-04-09 12:29 - 2018-04-09 12:29 - 000000600 _____ () C:\Users\CP-MSI\AppData\Local\PUTTY.RND 2018-07-27 21:32 - 2018-07-27 21:32 - 000016741 _____ () C:\Users\CP-MSI\AppData\Local\recently-used.xbel 2017-12-11 14:51 - 2017-12-11 14:51 - 000007643 _____ () C:\Users\CP-MSI\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== 2018-07-29 12:46 - 2018-07-29 12:46 - 004264384 _____ (Don HO don.h@free.fr) C:\Users\CP-MSI\AppData\Local\Temp\npp.7.5.8.Installer.exe 2018-07-27 17:36 - 2018-07-27 17:36 - 007197480 _____ (VS Revo Group ) C:\Users\CP-MSI\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2018-05-20 00:06 ==================== Ende von FRST.txt ============================ |
31.07.2018, 11:07 | #3 |
| PUP.Optional remains stubborn ADDITION.txt
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21.07.2018 durchgeführt von CP-MSI (30-07-2018 19:04:34) Gestartet von C:\Users\CP-MSI\Desktop Windows 10 Home Version 1803 17134.167 (X64) (2018-05-19 22:18:37) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2039413497-2618475307-42166365-500 - Administrator - Disabled) => C:\Users\Administrator CP-MSI (S-1-5-21-2039413497-2618475307-42166365-1001 - Administrator - Enabled) => C:\Users\CP-MSI DefaultAccount (S-1-5-21-2039413497-2618475307-42166365-503 - Limited - Disabled) Gast (S-1-5-21-2039413497-2618475307-42166365-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-2039413497-2618475307-42166365-504 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated) Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden ApoDispatchConfigurator (HKLM\...\{D6E596F0-D92A-4A7C-8643-0DB4D94A9EB9}) (Version: 2.3.1201 - Nahimic) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) AudioLaunchpadConfigurator (HKLM\...\{45759ED1-FC6C-4719-B503-7E9345796563}) (Version: 2.3.1201 - Nahimic) Hidden Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.) 
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application) Hidden BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application) CheckDevicesConfigurator (HKLM\...\{1E6763AA-A255-4BF9-8698-50E36CF15040}) (Version: 2.3.1201 - Nahimic) Hidden CoyoteWT 1.1 (HKLM-x32\...\CoyoteWT_is1) (Version: - Coyote Electronics Inc.) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5307.55 - CyberLink Corp.) DirPrintOK (HKLM-x32\...\DirPrintOK) (Version: - ) DVDVob2Mpg 2.0 (HKLM-x32\...\DVDVob2Mpg_is1) (Version: 2.0 - Smart Projects) EarMaster Pro 6.2 (HKLM-x32\...\EarMaster Pro 6_is1) (Version: 6.2 - EarMaster ApS) Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter) Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated) FileZilla Client 3.34.0 (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\FileZilla Client) (Version: 3.34.0 - Tim Kosse) Finale (HKLM\...\{5B05C9ED-C67B-44AC-A788-35AC3071F883}) (Version: 25.0.0.6858 - MakeMusic) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) HandBrake 1.0.3 (HKLM-x32\...\HandBrake) (Version: 1.0.3 - ) Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) 
HWiNFO64 Version 5.58 (HKLM\...\HWiNFO64_is1) (Version: 5.58 - Martin Malík - REALiX) iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.) Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project) Intel(R) Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation) IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) iTunes (HKLM\...\{8ABA0CC5-4643-4D1A-922C-55C332B02D71}) (Version: 12.8.0.150 - Apple Inc.) iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.) KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.) 
Killer Bandwidth Control Filter Driver (HKLM\...\{77573DC2-C142-420B-BE8B-4FE3CF46EF19}) (Version: 1.1.57.1126 - Rivet Networks) Hidden Killer E240x Drivers (HKLM\...\{91BE85D2-5846-4160-9A2D-0A7B6284728E}) (Version: 1.1.57.1126 - Rivet Networks) Hidden Killer Network Manager (HKLM\...\{0093B9DB-35D7-41BA-87A1-8C364D944CB5}) (Version: 1.1.57.1126 - Rivet Networks) Hidden Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1126 - Rivet Networks) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LauncherSetup (HKLM\...\{7EA1F26C-9A97-4FBF-81CF-51791FAA5175}) (Version: 2.3.1201 - Nahimic) Hidden LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes) LibreOffice 5.4.6.2 (HKLM\...\{F662982B-D4F5-4CFA-B2AE-90E16B44FF2F}) (Version: 5.4.6.2 - The Document Foundation) M3UExportTool (HKLM\...\{4A28B95B-A079-4346-9069-543A8952B0B5}) (Version: 1.0.0 - M3UExportTool) MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Music Maker Silver (HKLM\...\{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden MAGIX Music Maker Silver (HKLM-x32\...\MX.{CD1DE5DB-7AF2-4D01-BBB1-9AD581B34403}) (Version: 21.0.3.44 - MAGIX Software GmbH) MAGIX Music Maker Silver Soundpools (HKLM\...\{CC8B6E22-F579-46A1-A9F3-985F114590F0}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Photo Manager 15 (HKLM\...\{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0}) (Version: 11.0.2.36 - MAGIX Software GmbH) Hidden MAGIX Photo Manager 15 (HKLM-x32\...\MX.{10FDDBB2-C9D3-4207-B3A9-4910464BA0B0}) (Version: 11.0.2.36 - MAGIX Software GmbH) Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. 
All rights reserved) Hidden Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts) Microsoft Access Runtime 2013 (HKLM-x32\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 
12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation) MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.) Mozilla Firefox 61.0.1 (x64 de) (HKLM\...\Mozilla Firefox 61.0.1 (x64 de)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla) Mozilla Thunderbird 52.9.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 de)) (Version: 52.9.1 - Mozilla) Mp3tag v2.88a (HKLM-x32\...\Mp3tag) (Version: 2.88a - Florian Heidenreich) MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 1.6.3.005 - Portrait Displays, Inc.) 
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nahimic 2 (HKLM-x32\...\{8bd1653f-b053-4a68-8753-dd096b92dd0d}) (Version: 2.3.12 - Nahimic) Nahimic2UISetup (HKLM\...\{49E32C1D-F5D8-4729-BD70-0C8EE30B4976}) (Version: 2.3.1201 - Nahimic) Hidden Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.7.0.32 - Native Instruments) Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.0.4 - Native Instruments) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project) Origin (HKLM-x32\...\Origin) (Version: 9.12.0.34172 - Electronic Arts, Inc.) PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version: - PG Music Inc.) ProductDaemonSetup (HKLM\...\{E217E1DD-DB05-447D-8ED4-11CE492E1BC0}) (Version: 2.3.1201 - Nahimic) Hidden ProductNSConfigurator (HKLM\...\{4379DDE4-778B-4908-8ABA-5BA31F625C9B}) (Version: 2.3.1201 - Nahimic) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.) 
REAPER (x64) (HKLM\...\REAPER) (Version: - ) SCM (HKLM\...\{48B3982B-546D-405D-BDB6-E09D8EBC340E}) (Version: 13.016.06153 - Application) SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Shotcut (HKLM-x32\...\Shotcut) (Version: - ) Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) SonicMapperConfigurator (HKLM\...\{2CC9BF06-23A8-4A2A-AAC5-F5790D3DD7E5}) (Version: 2.3.1201 - Nahimic) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) SteelSeries Engine 3.11.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.1 - SteelSeries ApS) Subtitle Edit 3.5.3 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.3.0 - Nikse) Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks) TrueFire 3 3.3.0 (only current user) (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\92da2d5a-07e3-532d-b019-6e36924dfa06) (Version: 3.3.0 - TrueFire) UIInstallUpgrade (HKLM\...\{EE4C500B-D09E-442B-9AB8-D2872A9ADE93}) (Version: 2.3.1201 - Nahimic) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) 
WhatsApp (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\WhatsApp) (Version: 0.2.9737 - WhatsApp) WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare) XAMPP (HKLM-x32\...\xampp) (Version: 7.1.7-0 - Bitnami) XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] () ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.) 
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-31] (Florian Heidenreich) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxDTCM.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation) ContextMenuHandlers6: [ContMenu] -> {FCF608CF-5716-47C3-A1A8-991D873AF72B} => -> Keine Datei ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {1697A33F-446B-4EB8-9536-29EFFEBDB9C8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-05-11] (CyberLink Corp.) Task: {2903035C-5D37-4A1B-8094-64A5D5E3CB36} - System32\Tasks\{B9652F30-42F5-4385-9258-32743E1A5998} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\gu.exe" -d "C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition" Task: {2A7216BB-750C-4388-B046-82B843ED59CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) Task: {2CE6A85E-71D1-4739-84A1-13A76DE7D3B7} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2016-12-07] () Task: {31E07D94-8D14-4A1B-8E59-F23D6B736118} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation) Task: {443D7369-14A2-45ED-A3EB-2F9CA7CFBA56} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-01-14] (Intel(R) Corporation) Task: {58589239-F072-4001-ABC6-D520634124FD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {5B07A88B-CFEC-499A-95F8-47D5DB8BDAC7} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2016-12-07] () Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {6C81C3D3-6D0B-4B74-BC5E-6BE8B46FF8C7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-07-11] (Adobe Systems 
Incorporated) Task: {7B1F8865-4D0C-4DBF-A1D7-DA5BC84363AC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-11] (Adobe Systems Incorporated) Task: {8430AE40-7736-4D10-BEEA-A1129982D637} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation) Task: {8956E499-93FA-41F1-93C9-AA4DD8034066} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation) Task: {8B8A1D42-1D7C-4189-A493-F24068555491} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Task: {8DD105CE-34B0-42AB-9490-E28E144CB05C} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2017-07-25] (Micro-Star International Co., Ltd.) 
Task: {9C8BDB04-27E8-4787-8603-4671B81DEBA6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation) Task: {9D8BEBB8-88DE-4251-A523-71A1B9F6456F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation) Task: {A53A083E-9733-4DA7-AF39-33D12E176959} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {A55E983A-9315-48D4-B872-36F367B5A051} - System32\Tasks\Everything => C:\Program Files\Everything\Everything.exe [2018-02-09] () Task: {B94CE06D-4A12-4E64-B3D3-7E3C1D93F16D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {C2D6AC16-0E96-4B72-9DEC-7B02863DC145} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation) Task: {D0F0479C-AE46-4DA8-AFE8-5180A3168077} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {D1EC0929-F919-4D28-AE60-5034F16939EC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation) Task: {D56D24B3-66F2-4518-9959-A36F382219F2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: 
{DF29984A-9720-413F-8627-FDD81B292FE0} - System32\Tasks\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics => Command(1): C:\WINDOWS\system32\rundll32.exe -> C:\WINDOWS\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)" Task: {DF29984A-9720-413F-8627-FDD81B292FE0} - System32\Tasks\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics => Command(2): C:\WINDOWS\system32\schtasks.exe -> /delete /f /tn "\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics" Task: {EB7488BF-BFC6-4FFF-B05F-F009B81EA867} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {F83A9DEB-D32E-488D-9FD3-6F59FD7C9A18} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-26] (Microsoft Corporation) Task: {FA798462-3746-438D-A0E1-CB022CC2D8FA} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2016-12-07] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-07-13 11:19 - 2018-02-09 06:11 - 002199656 _____ () C:\Program Files\Everything\Everything.exe 2017-02-21 19:49 - 2017-08-18 06:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-20 11:45 - 2005-04-22 06:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2017-08-07 17:53 - 2017-10-30 22:24 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2016-12-07 11:27 - 2016-12-07 11:27 - 000201400 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll 2016-12-07 11:27 - 2016-12-07 11:27 - 000273592 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll 2018-07-23 02:14 - 2018-07-23 02:14 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2018-07-11 23:15 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-07-18 12:25 - 2018-07-18 12:29 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 022373888 _____ () C:\Program 
Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2016-12-07 11:24 - 2016-12-07 11:24 - 000693432 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe 2016-12-07 11:25 - 2016-12-07 11:25 - 002036920 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe 2016-12-07 11:28 - 2016-12-07 11:28 - 000495800 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe 2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-07-26 23:30 - 2018-07-26 23:30 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-09-30 06:54 - 2017-09-30 06:54 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-04-26 05:19 - 2018-04-26 05:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-07-19 16:50 - 
2018-07-19 16:51 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-04-04 23:34 - 2018-04-04 23:34 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-05-30 23:56 - 2018-05-30 23:56 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-01-02 11:06 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 000519168 _____ () C:\Program Files (x86)\Browny02\BrMonitor.dll 2017-01-02 11:06 - 2017-12-22 12:53 - 000180224 _____ () C:\Program Files (x86)\Browny02\BroSNMP.dll 2016-02-12 02:47 - 2016-02-12 02:47 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-12-07 11:23 - 2016-12-07 11:23 - 000176312 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll 2016-12-07 11:21 - 2016-12-07 11:21 - 000250552 _____ () 
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-02-21 19:49 - 2017-08-18 06:36 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-02-21 19:49 - 2017-08-18 06:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-02 11:06 - 2017-11-07 19:55 - 000137728 _____ () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2018-06-22 11:45 - 2017-11-07 19:55 - 000440832 _____ () C:\Program Files (x86)\ControlCenter4\Track.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 001720832 _____ () C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 000208896 _____ () C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll 2017-01-02 11:06 - 2017-11-07 20:04 - 000095232 _____ () C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll 2017-01-02 11:06 - 2017-08-18 11:23 - 000087552 _____ () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2017-01-02 11:06 - 2017-08-18 11:23 - 017974784 _____ () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) Da befinden sich 7881 mehr Seiten. Da befinden sich 7881 mehr Seiten.
==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-10-30 09:24 - 2018-07-23 23:31 - 000454635 ____R C:\WINDOWS\system32\Drivers\etc\hosts Da befinden sich 15605 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2039413497-2618475307-42166365-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img1.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "MsiTrueColor" HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\StartupApproved\Run: => "TVR Remote Control" HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\StartupApproved\Run: => "SyncManPath" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [UDP Query User{3A1751A1-5915-41A1-94B6-869EFF562A4E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{DBC286EF-DAC7-4115-8ACE-E75D3772968F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{34F721CA-4FF9-476F-B0BE-D235A22E3C02}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [TCP Query User{E750CA06-80F5-4B40-98CF-6DA0498EDF70}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [{7C47B704-9FCF-4B09-9045-F9EE6E745E70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{A753DC2A-AF2F-491A-97C3-58AAFB4E4C8B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1A335F09-7EE2-41FD-A683-4EA47758F643}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 
FirewallRules: [{2C462444-E6F6-465F-AC1C-264C3B50E3EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8B38C0B7-C9FE-4BE6-A18E-63179127F6F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{33C34F2E-9F77-4966-BD7C-172ED169CE19}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{9D0B9EE9-B69C-4001-AFFC-648445FE173F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{3412EB3F-17B6-48F4-9DD6-F9874366D30B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{7BCF7618-23F2-4392-A6D7-C03B95E516D8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [UDP Query User{F29931C6-3D39-4985-9321-A1E17BF0DBF2}C:\program files (x86)\truefire\truefire.exe] => (Allow) C:\program files (x86)\truefire\truefire.exe FirewallRules: [TCP Query User{49653871-1C1F-4D68-9AFD-F5E960AB0889}C:\program files (x86)\truefire\truefire.exe] => (Allow) C:\program files (x86)\truefire\truefire.exe FirewallRules: [{C4951D67-B8BC-4F40-BC5D-96A3E02C1D98}] => (Allow) C:\Users\CP-MSI\AppData\Local\Temp\{044F6B89-6CC3-4E93-AA6A-7CAC4B042344}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe FirewallRules: [{491A12E3-17A1-4AB9-80C6-2835334556EA}] => (Allow) C:\Users\CP-MSI\AppData\Local\Temp\{044F6B89-6CC3-4E93-AA6A-7CAC4B042344}\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}\InstTool.exe FirewallRules: [{954021FB-36D6-418D-A943-903F20D41686}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe FirewallRules: [{4795CBE8-32A4-4849-83EC-96ABDD6DAD2B}] => (Allow) C:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe FirewallRules: [{DEADF855-AE6F-4F7C-A96F-D2129E5AC687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3B4886B1-1464-4A93-B76D-4997ED54DC6D}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{D04E030A-95BC-465A-8563-95B3934DB193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{9FFDDB4E-1ECE-46A3-9B32-9A91F654F5A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{C7B34309-4E9B-4FBC-B807-D2AB667DEB53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [UDP Query User{74623C29-B2DD-409C-A01D-151EAC0CCF00}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{AA75F6D7-653E-47DA-9553-1C944C6D2BDB}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{DC44732A-0C8F-4F8E-B7F0-2ED775337703}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{240A8332-5BE7-4E93-BB11-BFBD43314DD0}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [{37195471-F562-4DC5-BD05-0320AC59A706}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{CE683179-387D-4084-9E06-27FFBEF9F276}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{6D6A33E1-B0E8-48E5-9FC2-699B5B4AAC43}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{A4096236-D6B7-4921-9BA8-2BED3F726431}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{5A2B4568-ED4B-45EC-9226-E5D7354F55A6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{3EA65D9F-6E89-4CC4-8484-81C6EE42D35B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{6D6BAD03-4D24-48B7-8C63-6A21DF3598EE}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{4D9181B6-FD56-443B-8EDF-102B9A5E55A6}] => (Allow) 
C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [UDP Query User{A85DFEA6-D5AF-4095-8EEE-0A27836D1BB6}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{50C9E1E4-FEED-4634-9C8F-B1A36C35F9CF}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{0E3441BE-5C39-4F32-BA80-422C03A29AF2}] => (Allow) LPort=54925 FirewallRules: [UDP Query User{DFDA4CC6-DCB9-4A5C-A5AA-F72EC454527C}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe FirewallRules: [TCP Query User{78C323F7-6CC3-45C2-86DF-2700D917FF6E}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe FirewallRules: [UDP Query User{24517063-9684-4CD5-8F94-3232A79CEC12}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{AD909969-1B69-4BA1-8DAE-468F174EECDB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{0EC8F59D-ACB0-40A2-95D4-DEC2CEAC3A9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{B3D8A442-203B-45CB-9DBC-560768A92C1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{080D2AD3-F1E2-40C3-B927-860BC99AD23D}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe FirewallRules: [UDP Query User{B2198B81-CE3E-4E43-AA9A-6929C327CF99}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe FirewallRules: [TCP Query User{7ACE457C-6AF2-4FC0-ADE7-0F69FD4CF981}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) 
C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [UDP Query User{9091E0D1-9B27-4521-BF88-3E836A0F8BD9}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [{8252A8AB-ABF6-4413-890B-EC5341103BB7}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{D3930025-AD22-4DCF-A84E-EE58B5762B7D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe FirewallRules: [TCP Query User{6827789C-22DB-485C-A76B-C75E4F4751CA}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [UDP Query User{5A4E717A-7F24-4744-9D92-881E71B1D865}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [{94EB39FB-9D15-4511-B172-8AAE8A608170}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{57D5FAFC-E73C-4523-A094-DF77A42991BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{606AB7A5-F610-41E9-8F59-DF5825AF4824}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6F42F84C-BFAB-4323-8D1F-E22A210E49E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{57ABF438-C6F6-4AFA-BA40-44A686BDF2C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{85D6772E-C816-4207-BE29-70057E7CED15}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{00FD7BA1-8356-4A51-99DB-B8B72506A25A}] => (Allow) C:\Program Files\NVIDIA 
Corporation\NvContainer\nvcontainer.exe FirewallRules: [TCP Query User{DED7E086-34E1-4C0A-8951-46B1545F1150}C:\program files (x86)\truefire\truefire.exe] => (Allow) C:\program files (x86)\truefire\truefire.exe FirewallRules: [UDP Query User{242EB5F1-2AB5-48D5-B2BF-F2DF8854226F}C:\program files (x86)\truefire\truefire.exe] => (Allow) C:\program files (x86)\truefire\truefire.exe FirewallRules: [{E8E2FCD3-4369-42DA-A6BC-189711B06F8F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{86F40C19-9D9F-44A8-B06D-90670A42805D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{8147C00C-3D46-4D42-9610-FC0E2F00EBCA}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{9039333D-52BA-4873-B777-D266CB9DC957}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{AAC1B8AD-5B3C-4424-851B-2DC2D6B440A7}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{1AC56BB3-F129-4357-A2B9-1D02EF042BBF}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [UDP Query User{3FB6CF67-774E-49CF-AFC6-8CDB0CC7C6CE}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [{CC91EB22-529D-45E6-B667-12DC6132149B}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 18-07-2018 16:27:47 Windows Update 25-07-2018 22:47:14 Prüfpunkt von HitmanPro 27-07-2018 17:18:56 Removed Adobe Acrobat Reader DC - Deutsch. 
==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname CP-MSI.local already in use; will try CP-MSI-2.local instead Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 1; will deregister 4 CP-MSI.local. Addr 192.168.178.23 Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.23:5353 16 CP-MSI.local. AAAA 2A02:810D:8B40:18E0:5993:2BEB:FE86:330B Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 CP-MSI.local. AAAA FE80:0000:0000:0000:5993:2BEB:FE86:330B Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.23:5353 16 CP-MSI.local. AAAA 2A02:810D:8B40:18E0:5993:2BEB:FE86:330B Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 CP-MSI.local. Addr 192.168.178.23 Error: (07/30/2018 05:27:53 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.178.23:5353 16 CP-MSI.local. AAAA 2A02:810D:8B40:18E0:5993:2BEB:FE86:330B Error: (07/30/2018 09:54:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 B.0.3.3.6.8.E.F.B.E.B.2.3.9.9.5.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR CP-MSI-2.local. 
Systemfehler: ============= Error: (07/30/2018 05:43:20 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: Auf dem Volume "F:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (07/30/2018 05:27:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2018 03:58:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (07/30/2018 10:53:51 AM) (Source: DCOM) (EventID: 10016) (User: CP-MSI) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "CP-MSI\CP-MSI" (SID: S-1-5-21-2039413497-2618475307-42166365-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2018 10:53:51 AM) (Source: DCOM) (EventID: 10016) (User: CP-MSI) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "CP-MSI\CP-MSI" (SID: S-1-5-21-2039413497-2618475307-42166365-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2018 10:32:29 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (07/30/2018 09:53:58 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (07/30/2018 07:27:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Windows Defender: =================================== Date: 2018-07-18 22:31:21.469 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {44D8E274-77FA-4306-B235-3D8DF0AB4BAC} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-18 17:11:08.231 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. 
Überprüfungs-ID: {EF3B1341-2DEA-4A4D-B7B8-60751B98039E} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-18 15:51:30.973 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {B40685D8-7E5C-4140-89AC-9F04A1A04E1A} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-18 15:46:58.965 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {C51ED772-A84A-4F4D-9FB2-F142968BBEB6} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-17 01:26:00.460 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {7D297B11-831F-4BD4-B064-38CC5DBFDC56} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-21 17:03:44.207 Description: Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.273.91.0 Updatequelle: Microsoft Update-Server Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.15100.1 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. Date: 2018-07-21 17:03:44.207 Description: Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.273.91.0 Updatequelle: Microsoft Update-Server Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.15100.1 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. 
CodeIntegrity: =================================== Date: 2018-07-30 10:33:05.120 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2018-07-30 10:33:05.117 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2018-07-30 00:51:34.107 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2018-07-30 00:51:34.104 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2018-07-29 22:46:26.761 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 16260.12 MB Verfügbarer physikalischer RAM: 12288.55 MB Summe virtueller Speicher: 18692.12 MB Verfügbarer virtueller Speicher: 13879.95 MB ==================== Laufwerke ================================ Drive c: (OS_Install) (Fixed) (Total:237.18 GB) (Free:48.43 GB) NTFS Drive d: (Data) (Fixed) (Total:914.4 GB) (Free:14.93 GB) NTFS \\?\Volume{70c8fa8f-1838-4970-a78c-a5d7eb907ba8}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.35 GB) NTFS \\?\Volume{d94ce0c7-7a91-42fe-ab44-9e6c30665fb6}\ (BIOS_RVY) (Fixed) (Total:17.11 GB) (Free:0.65 GB) NTFS \\?\Volume{f19c7517-9aef-4bda-af16-3c0bddbb5e3d}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 4402EC77) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 4402ECA9) Partition: GPT. ==================== Ende von Addition.txt ============================ |
11.08.2018, 12:21 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn Hi, first of all please uninstall old or unnecessary software - let me know when that is done. Once we are completely finished here, there will be tips on patch management and better alternatives to Adobe. Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
__________________ Please always post log files in CODE tags |
11.08.2018, 21:10 | #5 |
| PUP.Optional remains stubborn Thank you very much. After uninstalling the named programs, I found leftover program entries from Adobe with the Revo Uninstaller from the Filepony server and removed them as you instructed. After shutting down the notebook and booting again, I searched once more with Revo Uninstaller for Adobe and Irfanview, but found nothing more. |
13.08.2018, 07:28 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn Scanning for malware with Kaspersky TDSS-Killer: Please download TDSSKiller.exe and save this file to the desktop
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs should be too large for one post, I ask you to post the logs directly and, if necessary, spread over several posts. To put the log files into a CODE box, proceed as follows:
__________________ --> PUP.Optional remains stubborn |
13.08.2018, 08:42 | #7 |
| PUP.Optional remains stubborn I downloaded TDSSKiller from Filepony to the desktop and set the Additional checkboxes in the configuration. The scan took 31s, 661 objects, and produced 0 detections. Perhaps also important: since my (unsystematic) self-help directly before my first post, my Firefox browser has also been behaving normally again. Because of >150,000 characters, in two parts: Code:
ATTFilter 09:16:08.0665 0x3bd8 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17 09:16:08.0665 0x3bd8 UEFI system 09:16:14.0824 0x3bd8 ============================================================ 09:16:14.0824 0x3bd8 Current date / time: 2018/08/13 09:16:14.0824 09:16:14.0824 0x3bd8 SystemInfo: 09:16:14.0824 0x3bd8 09:16:14.0824 0x3bd8 OS Version: 10.0.17134 ServicePack: 0.0 09:16:14.0824 0x3bd8 Product type: Workstation 09:16:14.0824 0x3bd8 ComputerName: CP-MSI 09:16:14.0824 0x3bd8 UserName: CP-MSI 09:16:14.0824 0x3bd8 Windows directory: C:\WINDOWS 09:16:14.0824 0x3bd8 System windows directory: C:\WINDOWS 09:16:14.0824 0x3bd8 Running under WOW64 09:16:14.0824 0x3bd8 Processor architecture: Intel x64 09:16:14.0824 0x3bd8 Number of processors: 8 09:16:14.0824 0x3bd8 Page size: 0x1000 09:16:14.0824 0x3bd8 Boot type: Normal boot 09:16:14.0824 0x3bd8 CodeIntegrityOptions = 0x00000001 09:16:14.0824 0x3bd8 ============================================================ 09:16:14.0871 0x3bd8 KLMD registered as C:\WINDOWS\system32\drivers\84856894.sys 09:16:14.0871 0x3bd8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19 09:16:14.0933 0x3bd8 System UUID: {77A6A561-CB52-77FE-A379-1787455003B9} 09:16:15.0105 0x3bd8 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:16:15.0383 0x3bd8 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:16:15.0398 0x3bd8 ============================================================ 09:16:15.0398 0x3bd8 \Device\Harddisk0\DR0: 09:16:15.0398 0x3bd8 GPT partitions: 09:16:15.0398 0x3bd8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F19C7517-9AEF-4BDA-AF16-3C0BDDBB5E3D}, Name: EFI system partition, 
StartLBA 0x800, BlocksNum 0x96000 09:16:15.0398 0x3bd8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {668D0B9A-177B-419E-A346-410484F1A25C}, Name: Microsoft reserved partition, StartLBA 0x96800, BlocksNum 0x40000 09:16:15.0398 0x3bd8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {974ADEAA-62CF-4E93-A42C-56EEB37487DD}, Name: Basic data partition, StartLBA 0xD6800, BlocksNum 0x1DA5A800 09:16:15.0398 0x3bd8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70C8FA8F-1838-4970-A78C-A5D7EB907BA8}, Name: Basic data partition, StartLBA 0x1DB31000, BlocksNum 0x1C2000 09:16:15.0398 0x3bd8 MBR partitions: 09:16:15.0398 0x3bd8 \Device\Harddisk1\DR1: 09:16:15.0398 0x3bd8 GPT partitions: 09:16:15.0398 0x3bd8 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {45A41C57-09F7-48AF-BEBB-1AB6BFB55095}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x724CB800 09:16:15.0398 0x3bd8 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D94CE0C7-7A91-42FE-AB44-9E6C30665FB6}, Name: Basic data partition, StartLBA 0x724CC000, BlocksNum 0x223A800 09:16:15.0398 0x3bd8 MBR partitions: 09:16:15.0398 0x3bd8 ============================================================ 09:16:15.0398 0x3bd8 C: <-> \Device\Harddisk0\DR0\Partition3 09:16:15.0398 0x3bd8 D: <-> \Device\Harddisk1\DR1\Partition1 09:16:15.0398 0x3bd8 ============================================================ 09:16:15.0398 0x3bd8 Initialize success 09:16:15.0398 0x3bd8 ============================================================ 09:17:12.0414 0x1468 ============================================================ 09:17:12.0414 0x1468 Scan started 09:17:12.0414 0x1468 Mode: Manual; SigCheck; TDLFS; 09:17:12.0414 0x1468 ============================================================ 
09:17:12.0414 0x1468 KSN ping started 09:17:12.0493 0x1468 KSN ping finished: true 09:17:13.0071 0x1468 ================ Scan system memory ======================== 09:17:13.0071 0x1468 System memory - ok 09:17:13.0071 0x1468 ================ Scan services =============================
F6E033A10338AD8746E1538B12B1B470E8F97210E4564893568D0C7EB165D794 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 09:17:16.0275 0x1468 defragsvc - ok 09:17:16.0275 0x1468 [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll 09:17:16.0307 0x1468 DeviceAssociationService - ok 09:17:16.0307 0x1468 [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 09:17:16.0338 0x1468 DeviceInstall - ok 09:17:16.0338 0x1468 [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll 09:17:16.0369 0x1468 DevicePickerUserSvc - ok 09:17:16.0400 0x1468 [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll 09:17:16.0432 0x1468 DevicesFlowUserSvc - ok 09:17:16.0447 0x1468 [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 09:17:16.0463 0x1468 DevQueryBroker - ok 09:17:16.0479 0x1468 [ 8A1C10410FDA4287A76EC5A64371E221, 66CE271DDAD9CD82D2DF220247D91CCB906FA4B5508ABE0DC4A56D1C0C008BCA ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 09:17:16.0494 0x1468 Dfsc - ok 09:17:16.0510 0x1468 [ 51D1F76C6EC94B0773D276C91B06A781, DF3E512D1FFA1E7AA75D4CEDD5D5AB8DAA13BE5C8427B6A4F064FDCF455C9589 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 09:17:16.0525 0x1468 Dhcp - ok 09:17:16.0525 0x1468 [ FF05980EEE93D2B4AB1284BF21D7F12B, 026C8489CC9232605B87F02E3276B81DB23A6B64BB66C01F0FD6E7D266ECD17C ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 09:17:16.0541 0x1468 diagnosticshub.standardcollector.service - ok 09:17:16.0557 0x1468 [ 
6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll 09:17:16.0572 0x1468 diagsvc - ok 09:17:16.0635 0x1468 [ E74FCFD1499A4F816A99D35E297CCE63, 9C6D75200A8D0932CA77F68D78F11B89B0A45441ABB1662BE69567FE13138D19 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 09:17:16.0744 0x1468 DiagTrack - ok 09:17:16.0744 0x1468 [ A79FCB89805FA9EA9F48B671A4591D4E, 13CA8B9CB35DF9F8EFFF8E6ECC0F65E4F179FA9BEF4B68F3382CA4A6BF14FA54 ] Disk C:\WINDOWS\system32\drivers\disk.sys 09:17:16.0760 0x1468 Disk - ok 09:17:16.0775 0x1468 [ EAA267FAABDBE6194985DC6A0AC96664, 604908384B503AD7E14F15776C1B3DC58A278149145C2811B5B5300EA597A50C ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 09:17:16.0807 0x1468 DmEnrollmentSvc - ok 09:17:16.0807 0x1468 [ F69D7A5D7EDEE16B85F08040836FB09C, 944730FA6CA6ED0ECA85848A2F00EE1E647F7DD4CC37E557A812ECE8A92B3999 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 09:17:16.0822 0x1468 dmvsc - ok 09:17:16.0822 0x1468 [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 09:17:16.0838 0x1468 dmwappushservice - ok 09:17:16.0853 0x1468 [ E65844BC31FE3687A745C2E48C845CBC, 826845A9FC00E4D68CDE5FA5C293DF6D41DB0E8D15B43647A1335F0A79AFD4D6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 09:17:16.0869 0x1468 Dnscache - ok 09:17:16.0885 0x1468 [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 09:17:16.0916 0x1468 dot3svc - ok 09:17:16.0916 0x1468 [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll 09:17:16.0932 0x1468 DPS - ok 09:17:16.0932 0x1468 [ AD1BEFBF96C0273925EDC9282557D984, E23B1B043E9EE25054DCEFB10C1C69009DCB1E12675DAE60B00A646735B03D99 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys 
09:17:16.0947 0x1468 drmkaud - ok 09:17:16.0947 0x1468 [ E7D1636EEA6F9A941573CA426F214054, 7730C82E808C80BAFB59A6AD140B11C2269A62F2396783CB063E58D8EA624BDD ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 09:17:16.0963 0x1468 DsmSvc - ok 09:17:16.0978 0x1468 [ 4323DDFF8CB51FD74B241810CFA6CDBB, D9CDE22055C6D139DC3E21C3D92112704426D60F5EF83E3E338B68D885BD3D30 ] DsSvc C:\WINDOWS\System32\DsSvc.dll 09:17:16.0994 0x1468 DsSvc - ok 09:17:16.0994 0x1468 [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll 09:17:17.0025 0x1468 DusmSvc - ok 09:17:17.0072 0x1468 [ 8FF323926AAF82B04CCE7DD4FAA17990, 2856B00864240408021E930209BEBADF37A71B254449EE2C746449F61B0787E9 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 09:17:17.0135 0x1468 DXGKrnl - ok 09:17:17.0150 0x1468 [ 46F2739380768186581E58A410E66972, AEDED6A5696F6273F79353B5BFCB806271154F92E94B40748605BC4C54A9B22F ] e2xw10x64 C:\WINDOWS\System32\drivers\e2xw10x64.sys 09:17:17.0150 0x1468 e2xw10x64 - ok 09:17:17.0166 0x1468 [ 7E9A1608894297B133AF5EE18E404208, 9E2E4B4F6133375DB8E490337594BEFB86BA964223FB272A23ADD02FA8065253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 09:17:17.0181 0x1468 Eaphost - ok 09:17:17.0244 0x1468 [ 75CA88887850A74DDAAAF92500B6D9B9, 1C413719D0E659E20C66B0762B2FC708E55536961A1D9F21906ADBE9CF431489 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 09:17:17.0338 0x1468 ebdrv - ok 09:17:17.0338 0x1468 [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] EFS C:\WINDOWS\System32\lsass.exe 09:17:17.0353 0x1468 EFS - ok 09:17:17.0353 0x1468 [ 7E838D857FC55535710C316441459C38, C4673014D3ED3E68E02DB5BE6DB53E45B1E4A3CE2B04B15BFD507AF703A60134 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 09:17:17.0369 0x1468 EhStorClass - ok 09:17:17.0369 0x1468 [ 49023DD6F646B8C70AE1C105415F3E2B, 16EC2920A2CB71C17BFA7A0E22EDAE1C0E7004C986BEBCA9435F6FDB5D8E64CF ] EhStorTcgDrv 
C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 09:17:17.0385 0x1468 EhStorTcgDrv - ok 09:17:17.0385 0x1468 [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 09:17:17.0400 0x1468 embeddedmode - ok 09:17:17.0416 0x1468 [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 09:17:17.0431 0x1468 EntAppSvc - ok 09:17:17.0431 0x1468 [ 1DF19D7A941CB06F8EADF89FA0BF59AD, 0A8891AD73AF277B764FA5CF163E6BC29DFFA0E35388A941AE27E001289C0A4A ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 09:17:17.0447 0x1468 ErrDev - ok 09:17:17.0463 0x1468 [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll 09:17:17.0494 0x1468 EventSystem - ok 09:17:17.0525 0x1468 [ 0A02476BD4A0E3F367A7922A3D456626, 4E7F84FEF2DCF5CF8EC328653D0FD08C0A59C4C194D2A1AAFA5B613F3B2C0AA5 ] Everything C:\Program Files\Everything\Everything.exe 09:17:17.0572 0x1468 Everything - ok 09:17:17.0603 0x1468 [ 0A1103F87D008DF1C52C6D15341ACA49, 75BE88FB66495DD53ADF3A6DAF08FFBBA461647E5A961C6898410FA45545DC37 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 09:17:17.0635 0x1468 EvtEng - ok 09:17:17.0650 0x1468 [ B2858C386B99A68C3E3F0DFAB935C232, D278EA60AED4C3769B827BF2DEE584135FFDCF9E1380B982A7AEFB531848F4A2 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 09:17:17.0666 0x1468 exfat - ok 09:17:17.0666 0x1468 Fabs - ok 09:17:17.0681 0x1468 [ CE38CED74D85849BB2C9894DCA712615, 087B9EA66C06F8AA185F78E482DCA128B0554B716A1740033FC624414AA1B237 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 09:17:17.0697 0x1468 fastfat - ok 09:17:17.0713 0x1468 [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe 09:17:17.0744 0x1468 Fax - ok 09:17:17.0759 0x1468 [ 
6701B9973DE98578A491721B4BDE0926, 48D07092E6B44CAA529559DF620BDAA4DFCC16430DBA8178B461E556AC526DE1 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 09:17:17.0775 0x1468 fdc - ok 09:17:17.0775 0x1468 [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 09:17:17.0791 0x1468 fdPHost - ok 09:17:17.0791 0x1468 [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 09:17:17.0806 0x1468 FDResPub - ok 09:17:17.0822 0x1468 [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 09:17:17.0838 0x1468 fhsvc - ok 09:17:17.0838 0x1468 [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 09:17:17.0853 0x1468 FileCrypt - ok 09:17:17.0853 0x1468 [ A0AF205465482EE0FC6261782629566B, E0C0E9EB327F4DEEDF3E32EB5573A74436829078331A8EA1B795438892EE81B8 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 09:17:17.0869 0x1468 FileInfo - ok 09:17:17.0869 0x1468 [ 01D83D284E6B37902DB3C4D4DB0649E0, 4376F872575013DE87CA8173FABAD367FFF907086864C106A4C82933EF9DA308 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 09:17:17.0885 0x1468 Filetrace - ok 09:17:17.0932 0x1468 [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 09:17:18.0041 0x1468 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 ) 09:17:18.0104 0x1468 Detect skipped due to KSN trusted 09:17:18.0104 0x1468 FirebirdServerMAGIXInstance - ok 09:17:18.0119 0x1468 [ CE9CB1DB00B5007ABFFF0717E748E919, 314E1FA6B0CD9416894EED93ADF3DCB273FF37F6E56EF64C9E7B55E174EB3226 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 
09:17:18.0119 0x1468 flpydisk - ok 09:17:18.0135 0x1468 [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 09:17:18.0150 0x1468 FltMgr - ok 09:17:18.0182 0x1468 [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache C:\WINDOWS\system32\FntCache.dll 09:17:18.0244 0x1468 FontCache - ok 09:17:18.0244 0x1468 [ CE9456F925ADA70ED5A4158F103F9A26, 89753CCCB2E8B1553F077B8F13C63FBEC2EABE7093A6B847477542483347C827 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 09:17:18.0260 0x1468 FontCache3.0.0.0 - ok 09:17:18.0275 0x1468 [ B6BC6E6731FB1E02F0B3C73A87E1C35E, D9CA56006C1D995568A557E53DCCD7802D152CADE535BDB5DBBFC66F3F2EE236 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 09:17:18.0307 0x1468 FrameServer - ok 09:17:18.0307 0x1468 [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 09:17:18.0322 0x1468 FsDepends - ok 09:17:18.0322 0x1468 [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 09:17:18.0338 0x1468 Fs_Rec - ok 09:17:18.0353 0x1468 [ F00AA662A862BA1B5B0BB9FBDFAE2DFC, 1DBEA358E58370C1BD8D5797382FD22A19E92BA171AB70868359CF921F324CA7 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 09:17:18.0369 0x1468 fvevol - ok 09:17:18.0369 0x1468 [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 09:17:18.0385 0x1468 gencounter - ok 09:17:18.0385 0x1468 [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 09:17:18.0400 0x1468 genericusbfn - ok 09:17:18.0416 0x1468 [ 
6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 09:17:18.0416 0x1468 GPIOClx0101 - ok 09:17:18.0447 0x1468 [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 09:17:18.0494 0x1468 gpsvc - ok 09:17:18.0510 0x1468 [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 09:17:18.0525 0x1468 GpuEnergyDrv - ok 09:17:18.0525 0x1468 [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll 09:17:18.0541 0x1468 GraphicsPerfSvc - ok 09:17:18.0541 0x1468 [ DED74127C7A2266715C0B8EA2EE75214, 999507BECB4BAAC61317D98311962D446844CAC6271BFFE181F6CD6DFE221465 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 09:17:18.0557 0x1468 HDAudBus - ok 09:17:18.0557 0x1468 [ 95888B85956AF97320D1F5C354632957, C0218271A17897D4682192AB431658523EC87CB13551B2BDA40576BF766BB26C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 09:17:18.0572 0x1468 HidBatt - ok 09:17:18.0572 0x1468 [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 09:17:18.0588 0x1468 HidBth - ok 09:17:18.0588 0x1468 [ 6D767FEB02DF712F783BEEFF09E06431, AB64C61E5729FB27BF9564CA8308D895CFFB992CE8606FDC31EFF01BB1FF8FFE ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 09:17:18.0603 0x1468 hidi2c - ok 09:17:18.0603 0x1468 [ 542AB7A14235C5227A9307ACF1636F0B, E54C4C4511727F4E70CB1C9259C56D4AC62E70BAB2F42E9AB402C1DF4AF3FA25 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 09:17:18.0619 0x1468 hidinterrupt - ok 09:17:18.0619 0x1468 [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr 
C:\WINDOWS\System32\drivers\hidir.sys 09:17:18.0635 0x1468 HidIr - ok 09:17:18.0635 0x1468 [ 3030F19C6A73367D6D5EEDD157F5D01A, B1F13C2AE334C8CDF15BD96B70E92A81487308D841196A29AE3D1164CDAF9AA2 ] hidserv C:\WINDOWS\system32\hidserv.dll 09:17:18.0650 0x1468 hidserv - ok 09:17:18.0666 0x1468 [ 6E3FB2047B8AE72E1B5F1C00A5F3E475, A5F791BECA43925D410751C114BCF2FC4A46D7A44BE80B02CD3259C6E271FF31 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 09:17:18.0682 0x1468 HidUsb - ok 09:17:18.0682 0x1468 [ 621B1FFB2E4E4745484EA01B013BF1D2, 6F6761922EF931DB95D6597A5884DEB3CC127FB9D763A5A27369F7881DE64B8D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 09:17:18.0697 0x1468 HpSAMD - ok 09:17:18.0713 0x1468 [ B96A51E96768A56180EF4934A8613E54, A9F2EA25BF3707A0FD47EA49F9CE6F93DF13EE14F2F20D7BA763A706B0CB6328 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 09:17:18.0744 0x1468 HTTP - ok 09:17:18.0760 0x1468 [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys 09:17:18.0760 0x1468 hvcrash - ok 09:17:18.0760 0x1468 [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 09:17:18.0775 0x1468 HvHost - ok 09:17:18.0775 0x1468 [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 09:17:18.0791 0x1468 hvservice - ok 09:17:18.0791 0x1468 [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\system32\drivers\HWiNFO64A.SYS 09:17:18.0791 0x1468 HWiNFO32 - ok 09:17:18.0806 0x1468 [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys 09:17:18.0806 0x1468 HwNClx0101 - ok 09:17:18.0822 0x1468 [ FE36689912DEC37D45B7A6C6414046FE, 
3AE4E52B4ECD50ABEF67DCD1E30E409908F53624D9854BDD472352E8B280F19D ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 09:17:18.0822 0x1468 hwpolicy - ok 09:17:18.0822 0x1468 [ A1133368F47D514D73DD7FB4C4FD2B75, 6019DABCAB9E2941D76EC62F4352FA76DDCD964671C490730BF725CA2234CA3D ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 09:17:18.0838 0x1468 hyperkbd - ok 09:17:18.0838 0x1468 [ B68252C53556FFB52CCE18FF30FACA99, 0463FB8661A9EF338EFBBE43EE76C63DE170510D0E9B612D62009D7D85669365 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys 09:17:18.0853 0x1468 HyperVideo - ok 09:17:18.0853 0x1468 [ DA179667B8CEC22E4ECBBF4210DC0E35, 70CDB592E1775919B9AB1810A7BA18FE4851FBD493E4772741F36FC11A4CA47E ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 09:17:18.0869 0x1468 i8042prt - ok 09:17:18.0885 0x1468 [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 09:17:18.0901 0x1468 iagpio - ok 09:17:18.0901 0x1468 [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 09:17:18.0916 0x1468 iai2c - ok 09:17:18.0932 0x1468 [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 09:17:18.0947 0x1468 iaLPSS2i_GPIO2 - ok 09:17:18.0947 0x1468 [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys 09:17:18.0963 0x1468 iaLPSS2i_GPIO2_BXT_P - ok 09:17:18.0963 0x1468 [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 09:17:18.0979 0x1468 iaLPSS2i_I2C - ok 09:17:18.0979 0x1468 [ 2E693DF3C02A0859DB8DE25772751100, 
3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 09:17:18.0994 0x1468 iaLPSS2i_I2C_BXT_P - ok 09:17:19.0010 0x1468 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 09:17:19.0010 0x1468 iaLPSSi_GPIO - ok 09:17:19.0010 0x1468 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 09:17:19.0025 0x1468 iaLPSSi_I2C - ok 09:17:19.0057 0x1468 [ 2AA863DA8EB1C7D4647027A3B145475E, 4555FC994973E3CC73E7EEE52858D1FBD57326956231BB4AEBB167901BAA5AC0 ] iaStorA C:\WINDOWS\System32\drivers\iaStorA.sys 09:17:19.0088 0x1468 iaStorA - ok 09:17:19.0119 0x1468 [ 26405FA714257E449581DE5D6E6200E6, 1C3055AF6BB53308B7E6268A11929881263767619FF524674C51C03B7990C0A8 ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys 09:17:19.0150 0x1468 iaStorAVC - ok 09:17:19.0150 0x1468 [ 11AC0355FE52CC8813EE6864DE7531E4, 4D77C451C230395E03B3DB592B1BDCDB8B2142961906A25F0FD070D3A8B670EB ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 09:17:19.0166 0x1468 iaStorV - ok 09:17:19.0182 0x1468 [ 62CD9FA7394BCDF7784CCEFC9D00C9AA, 2A09A921EBD998EC45470675FC8D803EAE5F9E2E16B9313591987AA574835CFE ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 09:17:19.0197 0x1468 ibbus - ok 09:17:19.0197 0x1468 ibtsiva - ok 09:17:19.0213 0x1468 [ 291B20D6F13B9E7CFD169ECF945C981F, 4D7657B8B364B481522FA44EB0AD8CE90CFE2B361B0F4C1C25EF967DCFAD3D32 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 09:17:19.0229 0x1468 ibtusb - ok 09:17:19.0244 0x1468 [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll 09:17:19.0260 0x1468 icssvc - ok 09:17:20.0420 0x1468 [ 9135F41317E6D7A837276CCB27DDE260, 
5188DBE94A5A8E3EF40A6FA24620E3587AE2E36D2C04CF683D9BF231037DA8E1 ] igfx C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igdkmd64.sys 09:17:20.0685 0x1468 igfx - ok 09:17:20.0701 0x1468 [ 99CAE39998476E58275ED0F1A8F53C2E, 7CCDA58B60102B5BADB8B4C859F35CF53D8EF2B64037AAFBBB04F873F2737A5F ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxCUIService.exe 09:17:20.0716 0x1468 igfxCUIService2.0.0.0 - ok 09:17:20.0748 0x1468 [ 25793D173BD83ACF8B248C97ABC3B860, 0133EEB7C08E02F3C732FA89381920E5C4BB0CD2190E49C19619FAB43C68708A ] IKEEXT C:\WINDOWS\System32\ikeext.dll 09:17:20.0794 0x1468 IKEEXT - ok 09:17:20.0810 0x1468 [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 09:17:20.0810 0x1468 IndirectKmd - ok 09:17:20.0841 0x1468 [ 310C18A371002983E7BF25BEB0333480, 2A251FDD552F2757059B49441BD6AC683FAEB254D828A792EA382B0D4070F1F8 ] InstallService C:\WINDOWS\system32\InstallService.dll 09:17:20.0904 0x1468 InstallService - ok 09:17:21.0016 0x1468 [ 80EB845A2A3A8C0700DDC85F083E1474, F5BFB83858F3EF67AFB2F9BBB6B3AF0EB1F778340FD6ADC4A184F2D8E957C512 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 09:17:21.0139 0x1468 IntcAzAudAddService - ok 09:17:21.0172 0x1468 [ 99E6484C1C98047E41E18C7D32DC9667, ED023FAB8E88BBCCCBE119DA7D5E51687A013B0DA7CE1CE164C21DE484AF73C4 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 09:17:21.0309 0x1468 Intel(R) Capability Licensing Service TCP IP Interface - ok 09:17:21.0309 0x1468 [ AAD556B0E8033F5FBDF1BF396F843EAA, C73A024653E1D223C3A1B27A8FD137577AAF5EF822BFA9F60E3CD3E78FE6B5FC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 09:17:21.0340 0x1468 Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 ) 09:17:21.0403 0x1468 
Detect skipped due to KSN trusted 09:17:21.0403 0x1468 Intel(R) Security Assist - ok 09:17:21.0403 0x1468 [ F1B552F7ACDF6E3E4DDDB76118CAFDE3, C4047BAAECF6FA3B73EB684F53C7F81A08AA39F42F8DC7C31BF35DFA93B7C647 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 09:17:21.0418 0x1468 intelide - ok 09:17:21.0418 0x1468 [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 09:17:21.0434 0x1468 intelpep - ok 09:17:21.0434 0x1468 [ 2CEF9DEB97B2CA327175EE8AD5F195A1, 1D6A3B47A844A235B73F8DC2BF872A943FE980480480843EDD5935307C115B3E ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 09:17:21.0449 0x1468 intelppm - ok 09:17:21.0465 0x1468 [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 09:17:21.0465 0x1468 iorate - ok 09:17:21.0481 0x1468 [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 09:17:21.0496 0x1468 IpFilterDriver - ok 09:17:21.0512 0x1468 [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 09:17:21.0543 0x1468 iphlpsvc - ok 09:17:21.0559 0x1468 [ 5C58142E0F1F8AA379748CC123BA7527, 1D6D42F2595DF3C0EE8FEF751F13119951A2D040D2B22A7F0CBD6083B49F8A37 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 09:17:21.0574 0x1468 IPMIDRV - ok 09:17:21.0574 0x1468 [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 09:17:21.0590 0x1468 IPNAT - ok 09:17:21.0621 0x1468 [ 59B464FDBCAC809BB5A1131DE5060292, DF5587CFAF86D8BFFBC5AE7D981D18F75876F8908D2FE206999929F9BD47BEB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 09:17:21.0637 0x1468 iPod Service - ok 09:17:21.0637 0x1468 [ 
7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys 09:17:21.0652 0x1468 IPT - ok 09:17:21.0668 0x1468 [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 09:17:21.0668 0x1468 IpxlatCfgSvc - ok 09:17:21.0684 0x1468 [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys 09:17:21.0699 0x1468 irda - ok 09:17:21.0699 0x1468 [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 09:17:21.0715 0x1468 IRENUM - ok 09:17:21.0715 0x1468 [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll 09:17:21.0731 0x1468 irmon - ok 09:17:21.0731 0x1468 [ 1EE06F61ADDADE7DD0270FDDD6050777, 231D5514AB35BFF342D0ABF337B3CE48079A31724B659D370D867F894E2D28B9 ] isaHelperSvc C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 09:17:21.0762 0x1468 isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 ) 09:17:21.0856 0x1468 Detect skipped due to KSN trusted 09:17:21.0856 0x1468 isaHelperSvc - ok 09:17:21.0871 0x1468 [ 38A6EC08D0067DECF7B5BA4C871B846C, 0FAB8EACA2BB4A0BF3895B6BB7CA9BCF74447CF640535A57998C6A4A35EAC030 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 09:17:21.0871 0x1468 isapnp - ok 09:17:21.0887 0x1468 [ 5529131AAB75E07D9295B19E20C54DAE, C2F2C7D33945C13DDC5EF540581772CEF73EFB23F19E6BCDBB6A99D8C96A302B ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 09:17:21.0902 0x1468 iScsiPrt - ok 09:17:21.0902 0x1468 [ C35FD802C800F3CBB4FD426D5A542A22, B2325956DB68222C5FBB43DFA0BF5EEC073470010E13997F2A5635CC89D66872 ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys 09:17:21.0918 0x1468 ItSas35i - ok 09:17:21.0918 0x1468 [ 
DA0A946E6C4228B659FA798EF0B075C1, BC2F5710D6165615CD578A970BC154C8DB1ECCA5725D09A29954E9BE8FAC0ED7 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 09:17:21.0934 0x1468 iwdbus - ok 09:17:21.0934 0x1468 [ 50E156D426D494EB9F429A55BED837C9, 4E7A711B60C1CE72577FD24BE1E40A521C46114B05EDED07C3F4D7E3117C3E09 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 09:17:21.0949 0x1468 jhi_service - ok 09:17:21.0949 0x1468 [ 17F3B012B28F27E7B813A7B037A3D790, DADE75BB016438B7E0A11A1CF1FFA596C27246EF7F4E04D96366029C9F65F0C5 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 09:17:21.0965 0x1468 kbdclass - ok 09:17:21.0965 0x1468 [ 843B4BBD15DD0340C5C293CD419D4A76, F6D17CCE13697669DA4EF1F83E394F5496C437496E0E09307F8B615DE3216CC5 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 09:17:21.0981 0x1468 kbdhid - ok 09:17:21.0981 0x1468 [ 5BBB86F3F1700E0ACE1DF10F0EF7B227, 348FE61522F8C24F407F87D2966F62BD816DF27CD824AC103699CA66EE799640 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 09:17:21.0996 0x1468 kdnic - ok 09:17:21.0996 0x1468 [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] KeyIso C:\WINDOWS\system32\lsass.exe 09:17:22.0012 0x1468 KeyIso - ok 09:17:22.0059 0x1468 [ C9A520DEFDAAA6EDBA269B045F822E44, B84A3D261B8B5D214A3E3D869854C056C261423C4D463FB525FEB5AC7A635929 ] Killer Network Service C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe 09:17:22.0121 0x1468 Killer Network Service - ok 09:17:22.0137 0x1468 [ 4887CA61EB3AAF2D5AE15B6BA9182A78, 7B4C4DFF3A68C378A1F8A92947564AE4DAF0272818096F7751654AD92359D910 ] Killer Service V2 C:\Program Files\Killer Networking\Network Manager\KillerService.exe 09:17:22.0152 0x1468 Killer Service V2 - ok 09:17:22.0152 0x1468 [ 65EF1DBF0132AE84A71B555E97445D4E, 5B48E8E469EA81B58DA11AF79006752A689089467320E5CC19E9DAFFFB60A6DD ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 09:17:22.0168 0x1468 KSecDD - ok 09:17:22.0168 0x1468 [ 
|
13.08.2018, 08:43 | #8 |
| PUP.Optional stays stubborn TDSSKiller log, part 2:
C:\WINDOWS\system32\drivers\wd\WdBoot.sys 09:17:36.0118 0x1468 WdBoot - ok 09:17:36.0138 0x1468 [ 152926023B401D1F5F8852929572F5C3, 61D0FDB0E3A4D16FFA6852174B3824F6294502E331BB0831BCF99F049B09C328 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 09:17:36.0161 0x1468 Wdf01000 - ok 09:17:36.0171 0x1468 [ C0100756EBE0B8CCC9517949A0809893, 7E510269FE9984CDAB42A6C053F18C9B65A3DAD431D3050F83192995E83FDF7C ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys 09:17:36.0204 0x1468 WdFilter - ok 09:17:36.0211 0x1468 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 09:17:36.0227 0x1468 WdiServiceHost - ok 09:17:36.0232 0x1468 [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 09:17:36.0245 0x1468 WdiSystemHost - ok 09:17:36.0262 0x1468 [ 5DDA2C4B9AAED51E73DD6D580406F07A, 5C103E442ED4A9CC3C4E81D6C4E6BEE2FD14E4DBE57EC46DA0EF4C539D42756B ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 09:17:36.0292 0x1468 wdiwifi - ok 09:17:36.0292 0x1468 [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys 09:17:36.0292 0x1468 WdmCompanionFilter - ok 09:17:36.0308 0x1468 [ CF07A18380EBA6609F66002B82BE2E84, 1470438EE0996C2614CB879415884DB610B219D965AED45D1DB8B2F84863B20B ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys 09:17:36.0323 0x1468 WdNisDrv - ok 09:17:36.0386 0x1468 [ C748A3C5E6222847FAA853465A4FFAFA, 81021BB03E97425B6B5780C76925D906F181DAD3F50F039BD87E8F2A0E775D4B ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe 09:17:36.0511 0x1468 WdNisSvc - ok 09:17:36.0526 0x1468 [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll 09:17:36.0542 
0x1468 WebClient - ok 09:17:36.0542 0x1468 [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 09:17:36.0558 0x1468 Wecsvc - ok 09:17:36.0573 0x1468 [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 09:17:36.0589 0x1468 WEPHOSTSVC - ok 09:17:36.0589 0x1468 [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 09:17:36.0604 0x1468 wercplsupport - ok 09:17:36.0620 0x1468 [ 5DDB06B07A60E7AEA69837931373C159, 4E0A3260058B19F414B5053701C4723C27735818212AB3D297F896BF4C39E536 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 09:17:36.0636 0x1468 WerSvc - ok 09:17:36.0651 0x1468 [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll 09:17:36.0683 0x1468 WFDSConMgrSvc - ok 09:17:36.0683 0x1468 [ EB0B154F12F78DE232F38EF61BCDEEA2, D4BC28969C94F9A3906339B42FC3638E8BFF575C28C709461D48A84821A89A21 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 09:17:36.0698 0x1468 WFPLWFS - ok 09:17:36.0698 0x1468 [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 09:17:36.0714 0x1468 WiaRpc - ok 09:17:36.0714 0x1468 [ 3AE28A996C9EB8A6F2AC12BC55035126, E54227B97F42800D445241EA638EFE86A7FEC664E96A0FA38BC48DDF7DA182AD ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 09:17:36.0729 0x1468 WIMMount - ok 09:17:36.0729 0x1468 [ CEDC4E5155D9D48F2922C21EC02419B7, B147CC9A14B92E224C7755D41E0453506F983E7874573F1DF79F3EBF27BED090 ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe 09:17:36.0745 0x1468 WinDefend - ok 09:17:36.0761 0x1468 [ 2BB82BABE32D41F430D290239ABC0E87, 
2D519F0B86F7B87B7028E404821EDE8B7BDA18288EF32CF81C25B9C1E629FFB1 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 09:17:36.0776 0x1468 WindowsTrustedRT - ok 09:17:36.0776 0x1468 [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 09:17:36.0792 0x1468 WindowsTrustedRTProxy - ok 09:17:36.0808 0x1468 [ 939AA47A32AFE2BC17EB39FB2ED1DDC2, 7BBE6FE475FF7971EBB59682872003059AC9B27D51898BA4C094C70534E057B6 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 09:17:36.0839 0x1468 WinHttpAutoProxySvc - ok 09:17:36.0839 0x1468 [ 762D8D839C44C5A0BE0449AA84034522, E6602D0FDB501081DF165CE904DA0FEC75F3FE29C3B07B44DED6268612742F9C ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 09:17:36.0854 0x1468 WinMad - ok 09:17:36.0854 0x1468 [ 72D83880FEF0C788C5F305F330744208, 3126C2907170BBA47421D61CD6ED04DA3A3FCC66B4DBFCB4E3B56001B3BF6045 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 09:17:36.0870 0x1468 Winmgmt - ok 09:17:36.0886 0x1468 [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 09:17:36.0901 0x1468 WinNat - ok 09:17:36.0948 0x1468 [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 09:17:37.0026 0x1468 WinRM - ok 09:17:37.0042 0x1468 [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 09:17:37.0057 0x1468 WINUSB - ok 09:17:37.0057 0x1468 [ D2D6DB37E06608A5AF5B68D8E677B219, C7AAFEE7AAF76A4DCFF4FD2EE7232501832A57E3EE92CE20FA4A5D22F03FBE45 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 09:17:37.0073 0x1468 WinVerbs - ok 09:17:37.0089 0x1468 [ 08BEB7851B4B8AA07325C23A657233F1, 6D7A4D194D342A5BC3EE9738765B2F5D6B75165954CA6B0D9CD4B40B262C300E ] wisvc 
C:\WINDOWS\system32\flightsettings.dll 09:17:37.0120 0x1468 wisvc - ok 09:17:37.0167 0x1468 [ 2490E373EC18869BA4FE435CFDE3ADEE, 5A3A9D11B426E5F13040758A1BE2284851C3E653E49340C1C75CF9EC3CE418B7 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 09:17:37.0245 0x1468 WlanSvc - ok 09:17:37.0276 0x1468 [ 28A32E1F7A46A833DE104EF43E389F5F, 5A88C409DD9CC74ED6CEBEB5DFC8DDADFAB9D1CBDFD4EB78D7CBB6D55749C235 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 09:17:37.0354 0x1468 wlidsvc - ok 09:17:37.0370 0x1468 [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 09:17:37.0432 0x1468 wlpasvc - ok 09:17:37.0432 0x1468 [ EAEF2A087812BB7110C744446AB731D5, F5571D3C47564DFB6182DC43CC28124892323B60C3F389599DFEC94D227B4A86 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 09:17:37.0448 0x1468 WmiAcpi - ok 09:17:37.0448 0x1468 [ ABAC310F5E01CBA9B33AE694F99D0977, 700CDC85479CDBF765FB1A6A389DC991FC4D2A77851A81FF80BEED921250DBF6 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 09:17:37.0464 0x1468 wmiApSrv - ok 09:17:37.0464 0x1468 WMPNetworkSvc - ok 09:17:37.0479 0x1468 [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 09:17:37.0479 0x1468 Wof - ok 09:17:37.0526 0x1468 [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 09:17:37.0573 0x1468 workfolderssvc - ok 09:17:37.0604 0x1468 [ 58DA02D34C964C00AF9140C07CCFF8F0, 6A02F326251A790F76E59737E20CB6C38190F671766E56CE6C7FB33D1A4588B9 ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll 09:17:37.0651 0x1468 WpcMonSvc - ok 09:17:37.0667 0x1468 [ 7412ECE8BD5590881FA9780B68BD70C5, 52329B5BF78E2F5792369FE5A72CF4E3E216D4F0670507D10F3DB8383FA5E0BC ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 09:17:37.0682 0x1468 WPDBusEnum - ok 09:17:37.0682 0x1468 [ 
15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 09:17:37.0698 0x1468 WpdUpFltr - ok 09:17:37.0698 0x1468 [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll 09:17:37.0714 0x1468 WpnService - ok 09:17:37.0729 0x1468 [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 09:17:37.0745 0x1468 WpnUserService - ok 09:17:37.0745 0x1468 [ C1C2E769FCD3B00A59FF876FB2AD4336, B4D9065268A8B3C509E9160E6F30C20F80D14876C9F6C1057245F09CEB6B0F36 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 09:17:37.0760 0x1468 ws2ifsl - ok 09:17:37.0776 0x1468 [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll 09:17:37.0792 0x1468 wscsvc - ok 09:17:37.0792 0x1468 [ A3317B8C6765C18F3BD9FE9DD352B05D, 8312D05F32909933FA692B893D5F6E1DC2E5908C8E590D4B6A51EA724DF4744C ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 09:17:37.0807 0x1468 WSDPrintDevice - ok 09:17:37.0807 0x1468 [ 3C15A5AC47B1CA4D9A9F8680E224996F, F95EC4E4E5FDFF1D68179205430AAD01A0124DBD682FAFF6270B99B4AACC793F ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 09:17:37.0823 0x1468 WSDScan - ok 09:17:37.0823 0x1468 WSearch - ok 09:17:37.0870 0x1468 [ 63C79AD0202728F4608757340B7D602B, 68CEF28372BD23149AE7E33BE83AB8FD49FB615F60E238C15B3E46D46D5CEB3E ] wuauserv C:\WINDOWS\system32\wuaueng.dll 09:17:37.0964 0x1468 wuauserv - ok 09:17:37.0964 0x1468 [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 09:17:37.0980 0x1468 WudfPf - ok 09:17:37.0980 0x1468 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, 
CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 09:17:37.0995 0x1468 WUDFRd - ok 09:17:38.0011 0x1468 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 09:17:38.0026 0x1468 WUDFWpdFs - ok 09:17:38.0042 0x1468 [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 09:17:38.0058 0x1468 WUDFWpdMtp - ok 09:17:38.0089 0x1468 [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 09:17:38.0136 0x1468 WwanSvc - ok 09:17:38.0136 0x1468 [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe 09:17:38.0151 0x1468 xbgm - ok 09:17:38.0183 0x1468 [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 09:17:38.0214 0x1468 XblAuthManager - ok 09:17:38.0245 0x1468 [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 09:17:38.0292 0x1468 XblGameSave - ok 09:17:38.0292 0x1468 [ 93352403D9E6B71C275996690672488F, A012D907679B29988D18C71928BDF528506DC05A2DEF01F472B7F0CC043A0340 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 09:17:38.0323 0x1468 xboxgip - ok 09:17:38.0323 0x1468 [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 09:17:38.0339 0x1468 XboxGipSvc - ok 09:17:38.0370 0x1468 [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 09:17:38.0401 0x1468 
XboxNetApiSvc - ok 09:17:38.0401 0x1468 [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 09:17:38.0417 0x1468 xinputhid - ok 09:17:38.0479 0x1468 [ 00A8C2DD875BC4B458CBFED72AAF45F4, 8DCEC939116D694D3E778C5AFDFAA12AD11387C5C3FCBC7EF4EAA1DA091F242F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 09:17:38.0573 0x1468 ZeroConfigService - ok 09:17:38.0573 0x1468 ================ Scan global =============================== 09:17:38.0589 0x1468 [ 44D259E3B8F950D123CBE21893CEF1AB, 94FEA350B54D1581FF07D078D25A27FE3C9F815E24D299A0504FB1153E68A903 ] C:\WINDOWS\system32\basesrv.dll 09:17:38.0589 0x1468 [ 1C346B5D7E5336246604A9FCFCB092BC, BD0C56C943A8F23CA9CD1CE1FE4F9D2183F752B469A72D14B713301A867AE776 ] C:\WINDOWS\system32\winsrv.dll 09:17:38.0589 0x1468 [ FE8D1AB6D6711BE791A01C17EDEBD0D6, EECE3A16DFA0BE1BB1E7B882D33FB926C90A1DCA89805DD3514FABF7C9F05253 ] C:\WINDOWS\system32\sxssrv.dll 09:17:38.0604 0x1468 [ E2F4C75AFA20E742DE1B70372F15DCD7, 6AF120D627E26274D001A01E5CB9B165318B14B9FA8F1C8C59BF069DA1114618 ] C:\WINDOWS\system32\services.exe 09:17:38.0620 0x1468 [ Global ] - ok 09:17:38.0620 0x1468 ================ Scan MBR ================================== 09:17:38.0620 0x1468 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 09:17:38.0651 0x1468 \Device\Harddisk0\DR0 - ok 09:17:38.0933 0x1468 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 09:17:38.0995 0x1468 \Device\Harddisk1\DR1 - ok 09:17:38.0995 0x1468 ================ Scan VBR ================================== 09:17:38.0995 0x1468 [ D543616FF7D826E82AA4AAC9B21C7688 ] \Device\Harddisk0\DR0\Partition1 09:17:38.0995 0x1468 \Device\Harddisk0\DR0\Partition1 - ok 09:17:38.0995 0x1468 [ 4FAF4B694EF0F91EB8ADE9A60A13CC3C ] \Device\Harddisk0\DR0\Partition2 09:17:38.0995 0x1468 \Device\Harddisk0\DR0\Partition2 - ok 09:17:38.0995 0x1468 [ A3E760644E8D923E8AFA8ACF249962FB ] 
\Device\Harddisk0\DR0\Partition3 09:17:39.0011 0x1468 \Device\Harddisk0\DR0\Partition3 - ok 09:17:39.0011 0x1468 [ C4B83505F809033581F394677FB87BAC ] \Device\Harddisk0\DR0\Partition4 09:17:39.0011 0x1468 \Device\Harddisk0\DR0\Partition4 - ok 09:17:39.0011 0x1468 [ 118DB90A539345146C89554AD3A6EE18 ] \Device\Harddisk1\DR1\Partition1 09:17:39.0011 0x1468 \Device\Harddisk1\DR1\Partition1 - ok 09:17:39.0027 0x1468 [ 63D435B936E37A26CA66C759AD2961C1 ] \Device\Harddisk1\DR1\Partition2 09:17:39.0027 0x1468 \Device\Harddisk1\DR1\Partition2 - ok 09:17:39.0027 0x1468 ================ Scan generic autorun ====================== 09:17:39.0027 0x1468 SecurityHealth - ok 09:17:39.0167 0x1468 [ 016BFC61D982991F63863935F892A8E6, C080994A37E8F6C5E6E902A751829B55C5BF3242015E2E9D80A61DF2E34A8072 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 09:17:39.0323 0x1468 RTHDVCPL - ok 09:17:39.0402 0x1468 [ 1034796691CCBC39F4F4413497AA82D8, 390B33324108E3340B0C9B073DDAB78EC253CB3B0BAA0FBDD2A58BA6B4D81640 ] C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe 09:17:39.0526 0x1468 MsiTrueColor - ok 09:17:39.0526 0x1468 [ 400946E5F205C00349440A88C0D83C0B, 7F6CEBD6191CF0E584401C5794D3B530BB2BE19A97CC5BA4F84808A28C8F2BAA ] C:\Program Files (x86)\SCM\SCM.exe 09:17:39.0542 0x1468 SCM - detected UnsignedFile.Multi.Generic ( 1 ) 09:17:39.0620 0x1468 Detect skipped due to KSN trusted 09:17:39.0620 0x1468 SCM - ok 09:17:39.0636 0x1468 [ 1F6D867871B2680A7B6D7D4186EC5AD8, A6B3D3DBCFDF4610EB35309A341443A56A997EA5A97B8DFAD0598234A65167A0 ] C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe 09:17:39.0667 0x1468 Nahimic2UILauncher - ok 09:17:39.0667 0x1468 [ 73C519F050C20580F8A62C849D49215A, 38847DC4C82C0775E7DAFCBC7FEA50749CDAC7B50AB8602E8FDFAD4401954C87 ] C:\WINDOWS\system32\rundll32.exe 09:17:39.0683 0x1468 ShadowPlay - ok 09:17:39.0683 0x1468 [ 010567DC0EC6E3BEFD5FEDB22EF6904C, 774BB9C26BFDF8D6A89FC4C4255DC8462FB5DFB2C7999619596BC45C23AD18A5 ] C:\Program 
Files\iTunes\iTunesHelper.exe 09:17:39.0698 0x1468 iTunesHelper - ok 09:17:39.0730 0x1468 [ 0A02476BD4A0E3F367A7922A3D456626, 4E7F84FEF2DCF5CF8EC328653D0FD08C0A59C4C194D2A1AAFA5B613F3B2C0AA5 ] C:\Program Files\Everything\Everything.exe 09:17:39.0776 0x1468 Everything - ok 09:17:39.0776 0x1468 [ 14EE38E102CBD86878885546EABC36C8, CBAA7F7E608404BB324AAB4EBC36FF9B3A6DA7A8DB7F5EE47695F7E913D9641F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe 09:17:39.0792 0x1468 ControlCenter4 - ok 09:17:39.0839 0x1468 [ 7619ACFFCE18BAFFAABCAE163A2481F9, CA520D0B3A4610031E30F51296EA5CBD8B2DCFBA64CCA1FE716743E2E524D5B7 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 09:17:40.0904 0x1468 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 ) 09:17:40.0966 0x1468 Detect skipped due to KSN trusted 09:17:40.0966 0x1468 BrStsMon00 - ok 09:17:41.0308 0x1468 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 09:17:41.0683 0x1468 OneDriveSetup - ok 09:17:41.0699 0x1468 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 09:17:41.0730 0x1468 WAB Migrate - ok 09:17:42.0027 0x1468 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 09:17:42.0339 0x1468 OneDriveSetup - ok 09:17:42.0370 0x1468 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 09:17:42.0386 0x1468 WAB Migrate - ok 09:17:42.0386 0x1468 [ B9848BAAA6FE8B0010075396E03B2CC8, 5BC2B850959FB974F8DB68C08AEEE7CD3400AFC9D2BDE713DEF7266D74A2050E ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe 09:17:42.0402 0x1468 iCloudServices - ok 09:17:42.0402 0x1468 [ 1191702C5BDC362202FD9A624A514DF2, 
DB30ADCFEA1CDA6E693B31738B24B91735C41A6708BF2E440D647BC822A642DF ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe 09:17:42.0402 0x1468 iCloudDrive - ok 09:17:42.0714 0x1468 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 09:17:43.0027 0x1468 OneDriveSetup - ok 09:17:43.0058 0x1468 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe 09:17:43.0105 0x1468 OneDrive - ok 09:17:43.0121 0x1468 [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe 09:17:43.0136 0x1468 WAB Migrate - ok 09:17:43.0136 0x1468 Waiting for KSN requests completion. In queue: 299 09:17:44.0152 0x1468 AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated ) 09:17:44.0168 0x1468 Win FW state via NFP2: enabled ( trusted ) 09:17:44.0293 0x1468 ============================================================ 09:17:44.0293 0x1468 Scan finished 09:17:44.0293 0x1468 ============================================================ 09:17:44.0293 0x272c Detected object count: 0 09:17:44.0293 0x272c Actual detected object count: 0 09:18:32.0995 0x47ec Deinitialize success |
13.08.2018, 09:09 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn
Remove adware/junkware/toolbars
Delete old versions of adwCleaner first, then download it again to the desktop! Please disable your virus scanner completely before using these tools!
adwCleaner v7.x
Please download AdwCleaner to your desktop (illustrated guide).
__________________ Please always post log files in CODE tags |
13.08.2018, 14:07 | #10 |
| PUP.Optional remains stubborn
I deleted the old AdwCleaner, switched off Win Defender in the Security Center with "Real-time protection -> Off", and installed AdwCleaner from the link onto the desktop. Then I applied the settings for Tracing, Prefetch, Proxy, IE, Chrome and Winsock and ran the scan. I then received two log files.
AdwCleaner[C00].txt
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-13-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.

***** [ Folders ] *****
No malicious folders cleaned.

***** [ Files ] *****
No malicious files cleaned.

***** [ DLL ] *****
No malicious DLLs cleaned.

***** [ WMI ] *****
No malicious WMI cleaned.

***** [ Shortcuts ] *****
No malicious shortcuts cleaned.

***** [ Tasks ] *****
No malicious tasks cleaned.

***** [ Registry ] *****
No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************

AdwCleaner[S00].txt - [1242 octets] - [13/08/2018 14:51:59]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-10.2
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-13-2018
# Duration: 00:01:27
# OS: Windows 10 Home
# Scanned: 41771
# Detected: 0

***** [ Services ] *****
No malicious services found.

***** [ Folders ] *****
No malicious folders found.

***** [ Files ] *****
No malicious files found.

***** [ DLL ] *****
No malicious DLLs found.

***** [ WMI ] *****
No malicious WMI found.

***** [ Shortcuts ] *****
No malicious shortcuts found.

***** [ Tasks ] *****
No malicious tasks found.

***** [ Registry ] *****
No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.

***** [ Chromium URLs ] *****
No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.

***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ########## |
13.08.2018, 14:28 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn
I need new FRST logs. Tick the box for addition.txt, then click "Untersuchen" (Scan).
__________________ Please always post log files in CODE tags |
14.08.2018, 09:28 | #12 |
| PUP.Optional remains stubborn
Thanks, here are the new logs:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018 durchgeführt von CP-MSI (Administrator) auf CP-MSI (14-08-2018 10:05:28) Gestartet von C:\Users\CP-MSI\Desktop Geladene Profile: CP-MSI (Verfügbare Profile: CP-MSI & Administrator) Platform: Windows 10 Home Version 1803 17134.167 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (Portrait Displays, Inc.) C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe (Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe () C:\Program Files\Everything\Everything.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\MsMpEng.exe (Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxEM.exe (Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Everything\Everything.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe () C:\Program Files\WindowsApps\Microsoft.XboxApp_44.44.7002.0_x64__8wekyb3d8bbwe\XboxApp.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240512 2017-12-21] (Realtek Semiconductor) HKLM\...\Run: [MsiTrueColor] => C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe [4811048 2016-09-10] (Portrait Displays, Inc.) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [301848 2016-06-16] (MSI) HKLM\...\Run: [Nahimic2UILauncher] => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [693432 2016-12-07] () HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] () HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc.)
HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-06-26] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-07-16]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-08-24]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0bed8956-0d49-4cdf-8b0c-8665a9bad82d}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a3ca15f9-fa8e-488c-a5ce-7309e4c5a908}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{ab800688-53bb-4caf-940d-4a481eb3c672}: [DhcpNameServer] 172.26.103.1
Tcpip\..\Interfaces\{eaf6c53f-2a0e-4bab-b265-9585337b11c5}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2039413497-2618475307-42166365-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem15.msn.com/?pc=NMTE
HKU\S-1-5-21-2039413497-2618475307-42166365-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem15.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-2039413497-2618475307-42166365-1001 -> DefaultScope {FD9C9E1C-CADD-4E1D-8E18-431477DE020A} URL =
SearchScopes: HKU\S-1-5-21-2039413497-2618475307-42166365-1001 -> {FD9C9E1C-CADD-4E1D-8E18-431477DE020A} URL =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab

FireFox:
========
FF DefaultProfile: v1iivgyt.default-1503386800692
FF ProfilePath: C:\Users\CP-MSI\AppData\Roaming\Mozilla\Firefox\Profiles\v1iivgyt.default-1503386800692 [2018-08-14]
FF Homepage: Mozilla\Firefox\Profiles\v1iivgyt.default-1503386800692 -> hxxps://google.de/
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 Everything; C:\Program Files\Everything\Everything.exe [2199656 2018-02-09] ()
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-04-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [976848 2016-01-14] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-02-12] (Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2327488 2018-03-06] (Rivet Networks)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [454872 2016-02-13] (Rivet Networks)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2016-06-16] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSITrueColorService; C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [180520 2016-09-10] (Portrait Displays, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265864 2018-03-19] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2017-04-13] (Electronic Arts)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [360456 2018-05-16] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-07-31] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-07-31] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3848328 2018-03-19] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys [144456 2016-02-12] (Rivet Networks, LLC.)
R3 CBUSB; C:\WINDOWS\System32\drivers\CBUSB_64.sys [76648 2018-03-05] (MARX CryptoTech LP)
R3 e2xw10x64; C:\WINDOWS\System32\drivers\e2xw10x64.sys [165608 2017-10-25] (Qualcomm Atheros, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136216 2018-04-19] (Intel Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R1 MpKslf2544502; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60CFF12B-5BBF-4D7D-A146-2E9061F682D8}\MpKslf2544502.sys [58120 2018-08-14] (Microsoft Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8623128 2018-04-04] (Intel Corporation)
R3 NIWinCDEmu; C:\WINDOWS\System32\drivers\NIWinCDEmu.sys [112408 2016-09-07] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_c0371d6f71af28d4\nvlddmkm.sys [16936528 2018-01-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 RfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [141480 2018-03-06] (Rivet Networks, LLC.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-12] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [56840 2018-05-16] (Synaptics Incorporated)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46896 2018-04-16] ()
R3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2018-01-10] (SteelSeries ApS)
R3 ssps2; C:\WINDOWS\System32\drivers\ssps2.sys [38688 2017-06-02] (SteelSeries ApS)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46584 2018-07-31] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-31] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-07-31] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-14 10:05 - 2018-08-14 10:05 - 000018423 _____ C:\Users\CP-MSI\Desktop\FRST.txt
2018-08-14 10:05 - 2018-08-14 10:05 - 000000000 ____D C:\FRST
2018-08-13 17:57 - 2018-08-14 02:44 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\vlc
2018-08-13 15:59 - 2018-08-13 15:59 - 002412544 _____ (Farbar) C:\Users\CP-MSI\Desktop\FRST64.exe
2018-08-13 14:49 - 2018-08-13 14:51 - 000000000 ____D C:\AdwCleaner
2018-08-13 14:31 - 2018-08-13 14:31 - 007417040 _____ (Malwarebytes) C:\Users\CP-MSI\Desktop\adwcleaner_7.2.2.exe
2018-08-13 10:51 - 2018-08-13 10:51 - 000011322 _____ C:\Users\CP-MSI\AppData\Local\recently-used.xbel
2018-08-13 09:16 - 2018-08-13 09:18 - 000300462 _____ C:\TDSSKiller.3.1.0.17_13.08.2018_09.16.08_log.txt
2018-08-13 09:15 - 2018-08-13 09:15 - 004949824 _____ (AO Kaspersky Lab) C:\Users\CP-MSI\Desktop\tdsskiller.exe
2018-08-11 21:59 - 2018-08-11 21:59 - 000001089 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-08-11 21:59 - 2018-08-11 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-08-11 21:59 - 2018-08-11 21:59 - 000000000 ____D C:\Program Files\VS Revo Group
2018-08-11 21:58 - 2018-08-11 21:58 - 007197480 _____ (VS Revo Group ) C:\Users\CP-MSI\Desktop\revosetup205.exe
2018-08-10 14:30 - 2018-08-10 14:43 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\NAPS2
2018-08-10 14:30 - 2018-08-10 14:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAPS2
2018-08-10 14:30 - 2018-08-10 14:30 - 000000000 ____D C:\Program Files (x86)\NAPS2
2018-08-10 14:30 - 2016-07-12 16:38 - 000150736 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll
2018-08-05 00:15 - 2018-08-14 09:54 - 000089138 _____ C:\WINDOWS\ntbtlog.txt
2018-07-27 15:45 - 2018-07-27 15:45 - 000000085 _____ C:\WINDOWS\wininit.ini
2018-07-25 22:40 - 2018-07-25 22:47 - 000000000 ____D C:\ProgramData\HitmanPro
2018-07-23 23:31 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20180723-233127.backup
2018-07-23 22:53 - 2018-07-27 15:45 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2018-07-23 22:53 - 2018-07-23 22:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-07-23 10:36 - 2018-07-25 14:02 - 000000000 ____D C:\Users\CP-MSI\Desktop\PHP-MySQL
2018-07-18 16:28 - 2018-07-13 22:29 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-18 16:28 - 2018-07-13 22:29 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-18 16:28 - 2018-07-13 19:41 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-18 16:28 - 2018-07-13 13:05 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-18 16:28 - 2018-07-13 12:58 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-18 16:28 - 2018-07-13 06:39 - 001040328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-18 16:28 - 2018-07-13 06:38 - 001174456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-18 16:28 - 2018-07-13 06:37 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-18 16:28 - 2018-07-13 06:37 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-18 16:28 - 2018-07-13 06:36 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-18 16:28 - 2018-07-13 06:34 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-18 16:28 - 2018-07-13 06:33 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-18 16:28 - 2018-07-13 06:33 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-18 16:28 - 2018-07-13 06:33 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-18 16:28 - 2018-07-13 06:32 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-18 16:28 - 2018-07-13 06:31 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-18 16:28 - 2018-07-13 06:31 - 000713368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-07-18 16:28 - 2018-07-13 06:30 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-18 16:28 - 2018-07-13 06:30 - 001097672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-18 16:28 - 2018-07-13 06:03 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-18 16:28 - 2018-07-13 06:03 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-18 16:28 - 2018-07-13 06:02 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-18 16:28 - 2018-07-13 06:01 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-18 16:28 - 2018-07-13 06:00 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-18 16:28 - 2018-07-13 06:00 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-18 16:28 - 2018-07-13 05:59 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-18 16:28 - 2018-07-13 05:59 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-18 16:28 - 2018-07-13 05:20 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-18 16:28 - 2018-07-13 05:17 - 000581696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-07-18 16:28 - 2018-07-13 05:06 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-07-18 16:28 - 2018-07-13 04:44 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-18 16:28 - 2018-07-11 12:23 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-18 16:28 - 2018-07-11 11:24 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-08-14 10:03 - 2016-12-16 15:22 - 000000000 ____D C:\Users\CP-MSI\AppData\LocalLow\Mozilla
2018-08-14 09:50 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-14 09:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-14 09:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-14 09:04 - 2017-08-07 17:53 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-14 09:04 - 2017-01-25 18:42 - 000000000 ___RD C:\Users\CP-MSI\iCloudDrive
2018-08-14 09:04 - 2016-12-16 15:01 - 000000000 __SHD C:\Users\CP-MSI\IntelGraphicsProfiles
2018-08-14 08:32 - 2018-07-13 11:19 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Everything
2018-08-14 08:32 - 2018-07-13 11:19 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Everything
2018-08-14 02:44 - 2018-05-20 00:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-14 02:22 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-13 18:12 - 2017-11-22 12:12 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Packages
2018-08-13 18:04 - 2016-07-16 02:47 - 000000000 ____D C:\ProgramData\MAGIX
2018-08-13 15:49 - 2017-05-24 14:28 - 000000000 ____D C:\Users\CP-MSI\Desktop\Tools
2018-08-13 15:01 - 2018-05-20 00:16 - 001718588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-13 15:01 - 2018-04-12 18:13 - 000743096 _____ C:\WINDOWS\system32\perfh007.dat
2018-08-13 15:01 - 2018-04-12 18:13 - 000149732 _____ C:\WINDOWS\system32\perfc007.dat
2018-08-13 15:01 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-13 14:53 - 2018-05-20 00:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-13 14:53 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-13 14:53 - 2017-08-11 13:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-08-13 14:53 - 2016-12-17 13:10 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-08-13 14:53 - 2016-12-16 15:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-13 14:18 - 2016-12-20 11:45 - 000000350 _____ C:\WINDOWS\BRRBCOM.INI
2018-08-13 10:52 - 2016-12-17 16:20 - 000000000 ____D C:\Users\CP-MSI\.gimp-2.8
2018-08-13 10:51 - 2016-12-17 16:23 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\gtk-2.0
2018-08-12 22:48 - 2018-05-20 00:17 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2039413497-2618475307-42166365-1001
2018-08-12 22:48 - 2018-05-20 00:08 - 000002434 _____ C:\Users\CP-MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-12 22:48 - 2016-12-16 15:06 - 000000000 ___RD C:\Users\CP-MSI\OneDrive
2018-08-11 21:57 - 2016-12-16 16:11 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\IrfanView
2018-08-11 21:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-08-11 21:56 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-08-09 22:11 - 2017-08-11 13:33 - 000001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-08-09 15:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-08 20:44 - 2017-08-02 10:55 - 000000000 ____D C:\Users\CP-MSI\Desktop\Tp Routine
2018-08-06 18:57 - 2018-03-24 17:44 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\WhatsApp
2018-08-06 18:40 - 2018-03-24 17:44 - 000002312 _____ C:\Users\CP-MSI\Desktop\WhatsApp.lnk
2018-08-06 18:40 - 2018-03-24 17:44 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-08-06 18:40 - 2018-03-24 17:44 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\WhatsApp
2018-08-05 18:20 - 2017-01-09 15:56 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Audacity
2018-08-05 16:26 - 2018-05-20 00:06 - 000619528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-04 13:04 - 2018-05-19 22:11 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-04 13:04 - 2016-12-17 13:51 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\CrashDumps
2018-08-03 01:56 - 2018-06-23 20:59 - 000000000 ____D C:\ProgramData\Packages
2018-07-31 18:40 - 2018-02-27 15:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-30 20:00 - 2017-10-09 19:25 - 000000000 ____D C:\Program Files\Native Instruments
2018-07-30 20:00 - 2017-10-09 19:25 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2018-07-29 22:46 - 2017-03-31 18:28 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Google
2018-07-29 22:46 - 2017-01-11 14:20 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-29 12:46 - 2018-07-13 16:58 - 000001110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2018-07-29 12:46 - 2016-12-17 13:38 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\Notepad++
2018-07-27 19:58 - 2016-12-17 13:09 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Adobe
2018-07-25 22:18 - 2017-02-15 22:16 - 000000000 ____D C:\Users\CP-MSI\AppData\Local\Downloaded Installations
2018-07-23 23:18 - 2017-05-14 22:41 - 000000000 ____D C:\Users\CP-MSI\AppData\Roaming\GetRight
2018-07-22 12:20 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-18 17:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-07-18 17:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-17 19:40 - 2016-12-17 15:01 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-16 12:28 - 2018-05-20 00:08 - 000000000 ____D C:\Users\CP-MSI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-16 15:01 - 2016-12-16 15:01 - 000003332 _____ () C:\Users\CP-MSI\installshield_scm.reg
2016-12-16 15:01 - 2016-12-16 15:01 - 000001860 _____ () C:\Users\CP-MSI\scm.reg
2018-06-13 09:01 - 2018-06-13 09:01 - 033836800 _____ (TrueFire) C:\Users\CP-MSI\AppData\Roaming\TrueFireInstaller.exe
2017-06-01 20:25 - 2018-06-05 17:56 - 000005632 _____ () C:\Users\CP-MSI\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-07 00:03 - 2017-03-07 00:03 - 000000001 _____ () C:\Users\CP-MSI\AppData\Local\llftool.4.40.agreement
2018-04-09 12:29 - 2018-04-09 12:29 - 000000600 _____ () C:\Users\CP-MSI\AppData\Local\PUTTY.RND
2018-08-13 10:51 - 2018-08-13 10:51 - 000011322 _____ () C:\Users\CP-MSI\AppData\Local\recently-used.xbel
2017-12-11 14:51 - 2017-12-11 14:51 - 000007643 _____ () C:\Users\CP-MSI\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
2018-08-11 21:57 - 2017-10-04 14:17 - 000036312 _____ (Irfan Skiljan, IrfanView) C:\Users\CP-MSI\AppData\Local\Temp\iv_uninstall.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-20 00:06

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von CP-MSI (14-08-2018 10:05:58)
Gestartet von C:\Users\CP-MSI\Desktop
Windows 10 Home Version 1803 17134.167 (X64) (2018-05-19 22:18:37)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2039413497-2618475307-42166365-500 - Administrator - Disabled) => C:\Users\Administrator
CP-MSI (S-1-5-21-2039413497-2618475307-42166365-1001 - Administrator - Enabled) => C:\Users\CP-MSI
DefaultAccount (S-1-5-21-2039413497-2618475307-42166365-503 - Limited - Disabled)
Gast (S-1-5-21-2039413497-2618475307-42166365-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2039413497-2618475307-42166365-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
ApoDispatchConfigurator (HKLM\...\{D6E596F0-D92A-4A7C-8643-0DB4D94A9EB9}) (Version: 2.3.1201 - Nahimic) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AudioLaunchpadConfigurator (HKLM\...\{45759ED1-FC6C-4719-B503-7E9345796563}) (Version: 2.3.1201 - Nahimic) Hidden
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1508.1001 - Micro-Star International Co., Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1602.101 - Application)
CheckDevicesConfigurator (HKLM\...\{1E6763AA-A255-4BF9-8698-50E36CF15040}) (Version: 2.3.1201 - Nahimic) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5307.55 - CyberLink Corp.)
EarMaster Pro 6.2 (HKLM-x32\...\EarMaster Pro 6_is1) (Version: 6.2 - EarMaster ApS)
Everything 1.4.1.895 (x64) (HKLM\...\Everything) (Version: 1.4.1.895 - David Carpenter)
FileZilla Client 3.34.0 (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\FileZilla Client) (Version: 3.34.0 - Tim Kosse)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1707.2501 - Micro-Star International Co., Ltd.)
iCloud (HKLM\...\{82FCC407-A0E5-4B80-9241-5ABA78B61090}) (Version: 7.6.0.15 - Apple Inc.)
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Chipset Device Software (HKLM-x32\...\{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{CCBE9F01-C2C3-469C-A508-2E23A7495E91}) (Version: 1.0.0.609 - Intel Corporation)
iTunes (HKLM\...\{8ABA0CC5-4643-4D1A-922C-55C332B02D71}) (Version: 12.8.0.150 - Apple Inc.)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
KB9X Radio Switch Driver (HKLM\...\EC950B206B0E7722C96A318DF396BABFBB057BC0) (Version: 1.1.2.0 - ENE TECHNOLOGY INC.)
Killer Bandwidth Control Filter Driver (HKLM\...\{77573DC2-C142-420B-BE8B-4FE3CF46EF19}) (Version: 1.1.57.1126 - Rivet Networks) Hidden
Killer E240x Drivers (HKLM\...\{91BE85D2-5846-4160-9A2D-0A7B6284728E}) (Version: 1.1.57.1126 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{0093B9DB-35D7-41BA-87A1-8C364D944CB5}) (Version: 1.1.57.1126 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.57.1126 - Rivet Networks)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LauncherSetup (HKLM\...\{7EA1F26C-9A97-4FBF-81CF-51791FAA5175}) (Version: 2.3.1201 - Nahimic) Hidden
LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes)
LibreOffice 5.4.6.2 (HKLM\...\{F662982B-D4F5-4CFA-B2AE-90E16B44FF2F}) (Version: 5.4.6.2 - The Document Foundation)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Microsoft Access Runtime 2013 (HKLM-x32\...\Office15.AccessRT) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation)
Mozilla Firefox 61.0.2 (x64 de) (HKLM\...\Mozilla Firefox 61.0.2 (x64 de)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 de)) (Version: 52.9.1 - Mozilla)
MSI True Color (HKLM\...\{B4A2776D-59CD-4193-A19D-DE15CB7FC5AA}) (Version: 1.6.3.005 - Portrait Displays, Inc.)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nahimic 2 (HKLM-x32\...\{8bd1653f-b053-4a68-8753-dd096b92dd0d}) (Version: 2.3.12 - Nahimic) Nahimic2UISetup (HKLM\...\{49E32C1D-F5D8-4729-BD70-0C8EE30B4976}) (Version: 2.3.1201 - Nahimic) Hidden NAPS2 5.8.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team) NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.12.0.34172 - Electronic Arts, Inc.) ProductDaemonSetup (HKLM\...\{E217E1DD-DB05-447D-8ED4-11CE492E1BC0}) (Version: 2.3.1201 - Nahimic) Hidden ProductNSConfigurator (HKLM\...\{4379DDE4-778B-4908-8ABA-5BA31F625C9B}) (Version: 2.3.1201 - Nahimic) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8328 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) 
SCM (HKLM\...\{48B3982B-546D-405D-BDB6-E09D8EBC340E}) (Version: 13.016.06153 - Application) SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology) Sizing Options (HKLM-x32\...\{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.1801 - Application) SonicMapperConfigurator (HKLM\...\{2CC9BF06-23A8-4A2A-AAC5-F5790D3DD7E5}) (Version: 2.3.1201 - Nahimic) Hidden StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment) SteelSeries Engine 3.11.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.1 - SteelSeries ApS) Subtitle Edit 3.5.3 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.3.0 - Nikse) TrueFire 3 3.3.0 (only current user) (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\92da2d5a-07e3-532d-b019-6e36924dfa06) (Version: 3.3.0 - TrueFire) UIInstallUpgrade (HKLM\...\{EE4C500B-D09E-442B-9AB8-D2872A9ADE93}) (Version: 2.3.1201 - Nahimic) Hidden Ultima Underworld 1 and 2 (HKLM-x32\...\Ultima Underworld 1 and 2_is1) (Version: - GOG.com) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) 
WhatsApp (HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\WhatsApp) (Version: 0.3.225 - WhatsApp) XAMPP (HKLM-x32\...\xampp) (Version: 7.1.7-0 - Bitnami) XSplit Gamecaster (HKLM-x32\...\{9E8A3821-032E-4230-9C12-C14D3FC8685E}) (Version: 2.8.1605.2342 - SplitmediaLabs) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2039413497-2618475307-42166365-1001_Classes\CLSID\{E36606FE-036A-4dd0-ABA9-A58F409803F0}\InprocServer32 -> kein Dateipfad ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-23] () ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-06-26] (Apple Inc.) 
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_2e329e8610bbb375\igfxDTCM.dll [2017-10-20] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-30] (NVIDIA Corporation) ContextMenuHandlers6: [ContMenu] -> {FCF608CF-5716-47C3-A1A8-991D873AF72B} => -> Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1697A33F-446B-4EB8-9536-29EFFEBDB9C8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-05-11] (CyberLink Corp.) Task: {2903035C-5D37-4A1B-8094-64A5D5E3CB36} - System32\Tasks\{B9652F30-42F5-4385-9258-32743E1A5998} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\gu.exe" -d "C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition" Task: {2A7216BB-750C-4388-B046-82B843ED59CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.) 
Task: {2CE6A85E-71D1-4739-84A1-13A76DE7D3B7} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe [2016-12-07] () Task: {30A249CA-8F68-4C1D-8CDA-ADCB9C871F5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {31E07D94-8D14-4A1B-8E59-F23D6B736118} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation) Task: {443D7369-14A2-45ED-A3EB-2F9CA7CFBA56} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-01-14] (Intel(R) Corporation) Task: {4DD4C062-6E2C-45FF-9BE4-F0DBCA4FA1BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {58589239-F072-4001-ABC6-D520634124FD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {5B07A88B-CFEC-499A-95F8-47D5DB8BDAC7} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe [2016-12-07] () Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {8430AE40-7736-4D10-BEEA-A1129982D637} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation) Task: {8B8A1D42-1D7C-4189-A493-F24068555491} - 
System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe Task: {8DD105CE-34B0-42AB-9490-E28E144CB05C} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2017-07-25] (Micro-Star International Co., Ltd.) Task: {9C8BDB04-27E8-4787-8603-4671B81DEBA6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation) Task: {9D8BEBB8-88DE-4251-A523-71A1B9F6456F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation) Task: {A53A083E-9733-4DA7-AF39-33D12E176959} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {A55E983A-9315-48D4-B872-36F367B5A051} - System32\Tasks\Everything => C:\Program Files\Everything\Everything.exe [2018-02-09] () Task: {B94CE06D-4A12-4E64-B3D3-7E3C1D93F16D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation) Task: {BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG Task: {CBF0DBD5-46C2-4A67-856B-86663F251FBC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {D0F0479C-AE46-4DA8-AFE8-5180A3168077} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {DF29984A-9720-413F-8627-FDD81B292FE0} - 
System32\Tasks\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics => Command(1): C:\WINDOWS\system32\rundll32.exe -> C:\WINDOWS\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)" Task: {DF29984A-9720-413F-8627-FDD81B292FE0} - System32\Tasks\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics => Command(2): C:\WINDOWS\system32\schtasks.exe -> /delete /f /tn "\Microsoft\Windows\PLA\System\{87E5576A-6957-4486-AB7C-A0F80DC16339}_System Diagnostics" Task: {EB7488BF-BFC6-4FFF-B05F-F009B81EA867} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation) Task: {F8B91420-4AB3-4E71-ABFB-AB19B6FA68E5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-07-31] (Microsoft Corporation) Task: {FA798462-3746-438D-A0E1-CB022CC2D8FA} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe [2016-12-07] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-20 11:45 - 2005-04-22 06:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2017-02-21 19:49 - 2017-08-18 06:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2018-07-13 11:19 - 2018-02-09 06:11 - 002199656 _____ () C:\Program Files\Everything\Everything.exe 2017-08-07 17:53 - 2017-10-30 22:24 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-07 11:27 - 2016-12-07 11:27 - 000201400 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll 2016-12-07 11:27 - 2016-12-07 11:27 - 000273592 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-06-15 16:38 - 2018-06-15 16:38 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2018-07-11 23:15 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-07-18 12:25 - 2018-07-18 12:29 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 022373888 _____ () C:\Program 
Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll 2018-07-18 12:25 - 2018-07-18 12:29 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll 2016-12-07 11:24 - 2016-12-07 11:24 - 000693432 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe 2016-12-07 11:25 - 2016-12-07 11:25 - 002036920 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe 2016-12-07 11:28 - 2016-12-07 11:28 - 000495800 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe 2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2018-07-26 23:30 - 2018-07-26 23:30 - 068154880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2017-09-30 06:54 - 2017-09-30 06:54 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll 2018-04-26 05:19 - 2018-04-26 05:20 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 004139008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll 2018-07-19 16:50 - 
2018-07-19 16:51 - 000035840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll 2018-04-04 23:34 - 2018-04-04 23:34 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 014919168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 003982848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\MediaEngine.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 002938880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll 2018-05-30 23:56 - 2018-05-30 23:56 - 000872448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-07-19 16:50 - 2018-07-19 16:51 - 001396224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-07-26 23:30 - 2018-07-26 23:30 - 000162816 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\SKU.dll 2018-07-31 15:08 - 2018-07-31 15:09 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll 2018-07-31 15:08 - 2018-07-31 15:09 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2018-07-31 15:08 - 2018-07-31 15:09 - 007814144 _____ () C:\Program 
Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2018-07-18 12:30 - 2018-07-18 12:30 - 004173312 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\Calculator.exe 2018-05-03 07:18 - 2018-05-03 07:18 - 000634880 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1806.1821.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll 2018-08-14 09:17 - 2018-08-14 09:17 - 000016384 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_44.44.7002.0_x64__8wekyb3d8bbwe\XboxApp.exe 2018-08-14 09:17 - 2018-08-14 09:17 - 034701824 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_44.44.7002.0_x64__8wekyb3d8bbwe\XboxApp.dll 2017-09-26 06:48 - 2017-09-26 06:48 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_44.44.7002.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2016-12-16 15:55 - 2016-12-16 15:57 - 001651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_44.44.7002.0_x64__8wekyb3d8bbwe\winsdkfb.dll 2017-01-02 11:06 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 000519168 _____ () C:\Program Files (x86)\Browny02\BrMonitor.dll 2017-01-02 11:06 - 2017-12-22 12:53 - 000180224 _____ () C:\Program Files (x86)\Browny02\BroSNMP.dll 2016-02-12 02:47 - 2016-02-12 02:47 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-12-07 11:23 - 2016-12-07 11:23 - 000176312 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2DevProps.dll 2016-12-07 11:21 - 2016-12-07 11:21 - 000250552 _____ () C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2OSD.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2018-06-23 06:56 - 2018-06-23 06:56 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple 
Application Support\libxslt.dll 2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-02-21 19:49 - 2017-08-18 06:36 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-02-21 19:49 - 2017-08-18 06:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-02 11:06 - 2017-11-07 19:55 - 000137728 _____ () C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll 2018-06-22 11:45 - 2017-11-07 19:55 - 000440832 _____ () C:\Program Files (x86)\ControlCenter4\Track.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 001720832 _____ () C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll 2017-01-02 11:06 - 2018-01-18 15:39 - 000208896 _____ () C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll 2017-01-02 11:06 - 2017-11-07 20:04 - 000095232 _____ () C:\Program Files (x86)\ControlCenter4\BrCcLGer.dll 2017-01-02 11:06 - 2017-08-18 11:23 - 000087552 _____ () C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll 2017-01-02 11:06 - 2017-08-18 11:23 - 017974784 _____ () C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
Da befinden sich 7881 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2018-07-23 23:31 - 000454635 ____R C:\WINDOWS\system32\Drivers\etc\hosts
Da befinden sich 15605 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2039413497-2618475307-42166365-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img1.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk" HKLM\...\StartupApproved\Run: => "MsiTrueColor" HKLM\...\StartupApproved\Run: => "SCM" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKU\S-1-5-21-2039413497-2618475307-42166365-1001\...\StartupApproved\Run: => "SyncManPath" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [UDP Query User{3A1751A1-5915-41A1-94B6-869EFF562A4E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [TCP Query User{DBC286EF-DAC7-4115-8ACE-E75D3772968F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{34F721CA-4FF9-476F-B0BE-D235A22E3C02}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [TCP Query User{E750CA06-80F5-4B40-98CF-6DA0498EDF70}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [{7C47B704-9FCF-4B09-9045-F9EE6E745E70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{A753DC2A-AF2F-491A-97C3-58AAFB4E4C8B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1A335F09-7EE2-41FD-A683-4EA47758F643}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2C462444-E6F6-465F-AC1C-264C3B50E3EB}] => (Allow) C:\Program 
Files\Bonjour\mDNSResponder.exe FirewallRules: [{8B38C0B7-C9FE-4BE6-A18E-63179127F6F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DEADF855-AE6F-4F7C-A96F-D2129E5AC687}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{3B4886B1-1464-4A93-B76D-4997ED54DC6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{9FFDDB4E-1ECE-46A3-9B32-9A91F654F5A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{C7B34309-4E9B-4FBC-B807-D2AB667DEB53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [UDP Query User{74623C29-B2DD-409C-A01D-151EAC0CCF00}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{AA75F6D7-653E-47DA-9553-1C944C6D2BDB}C:\xampp\mysql\bin\mysqld.exe] => (Block) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{DC44732A-0C8F-4F8E-B7F0-2ED775337703}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{240A8332-5BE7-4E93-BB11-BFBD43314DD0}C:\xampp\apache\bin\httpd.exe] => (Block) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{A85DFEA6-D5AF-4095-8EEE-0A27836D1BB6}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [TCP Query User{50C9E1E4-FEED-4634-9C8F-B1A36C35F9CF}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{0E3441BE-5C39-4F32-BA80-422C03A29AF2}] => (Allow) LPort=54925 FirewallRules: [UDP Query User{DFDA4CC6-DCB9-4A5C-A5AA-F72EC454527C}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe FirewallRules: [TCP Query User{78C323F7-6CC3-45C2-86DF-2700D917FF6E}C:\xampp\filezillaftp\filezillaserver.exe] => (Allow) C:\xampp\filezillaftp\filezillaserver.exe FirewallRules: [UDP Query 
User{24517063-9684-4CD5-8F94-3232A79CEC12}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{AD909969-1B69-4BA1-8DAE-468F174EECDB}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [{0EC8F59D-ACB0-40A2-95D4-DEC2CEAC3A9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [TCP Query User{080D2AD3-F1E2-40C3-B927-860BC99AD23D}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe FirewallRules: [UDP Query User{B2198B81-CE3E-4E43-AA9A-6929C327CF99}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\addonweb.exe FirewallRules: [TCP Query User{7ACE457C-6AF2-4FC0-ADE7-0F69FD4CF981}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [UDP Query User{9091E0D1-9B27-4521-BF88-3E836A0F8BD9}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [{8252A8AB-ABF6-4413-890B-EC5341103BB7}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{D3930025-AD22-4DCF-A84E-EE58B5762B7D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe FirewallRules: [TCP Query User{6827789C-22DB-485C-A76B-C75E4F4751CA}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - 
königsedition\tools\anno4web.exe FirewallRules: [UDP Query User{5A4E717A-7F24-4744-9D92-881E71B1D865}C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 1404 - königsedition\tools\anno4web.exe FirewallRules: [{94EB39FB-9D15-4511-B172-8AAE8A608170}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{57D5FAFC-E73C-4523-A094-DF77A42991BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{606AB7A5-F610-41E9-8F59-DF5825AF4824}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{6F42F84C-BFAB-4323-8D1F-E22A210E49E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{57ABF438-C6F6-4AFA-BA40-44A686BDF2C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{85D6772E-C816-4207-BE29-70057E7CED15}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{00FD7BA1-8356-4A51-99DB-B8B72506A25A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{E8E2FCD3-4369-42DA-A6BC-189711B06F8F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{1AC56BB3-F129-4357-A2B9-1D02EF042BBF}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [UDP Query User{3FB6CF67-774E-49CF-AFC6-8CDB0CC7C6CE}C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe] => (Allow) C:\users\cp-msi\appdata\local\programs\truefire 3\truefire 3.exe FirewallRules: [{CC91EB22-529D-45E6-B667-12DC6132149B}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Wiederherstellungspunkte ========================= 04-08-2018 07:41:21 Windows Modules Installer 05-08-2018 09:40:42 Windows Modules Installer 06-08-2018 12:26:14 
Windows Modules Installer 07-08-2018 13:53:39 Windows Modules Installer 08-08-2018 15:49:29 Windows Modules Installer 09-08-2018 17:47:57 Windows Modules Installer 10-08-2018 19:31:52 Windows Modules Installer 11-08-2018 21:47:56 Windows Modules Installer 11-08-2018 22:00:46 Revo Uninstaller's restore point - Extended Asian Language font pack for Adobe Acrobat Reader DC 13-08-2018 00:29:53 Windows Modules Installer 13-08-2018 17:59:51 Removed Firebird SQL Server - MAGIX Edition 13-08-2018 18:02:22 Revo Uninstaller's restore point - MAGIX Content and Soundpools 13-08-2018 18:03:22 Revo Uninstaller's restore point - MAGIX Music Maker Silver 13-08-2018 18:04:15 Revo Uninstaller's restore point - MAGIX Photo Manager 15 13-08-2018 18:14:30 Removed M3UExportTool 13-08-2018 18:15:32 Finale wurde entfernt 14-08-2018 02:21:51 Windows Modules Installer ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 21 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 20 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 19 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) 
(EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 18 Error: (08/14/2018 09:12:00 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 17 Systemfehler: ============= Error: (08/14/2018 09:54:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (08/14/2018 09:04:27 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (08/14/2018 07:41:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (08/14/2018 07:38:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (08/13/2018 10:12:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (08/13/2018 09:23:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (08/13/2018 08:35:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (08/13/2018 07:10:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} und der APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Windows Defender: =================================== Date: 2018-08-14 02:22:59.101 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {64A44F24-75A7-481F-9EAC-0B499F3B3D05} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-08-14 00:34:23.728 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {E87F0D5E-3226-4F64-8236-3E396EBCE4F8} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-08-07 23:19:50.783 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {84F08FEB-CD03-43BD-A86C-282995DDB79A} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-08-06 21:26:50.938 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {33399C81-C621-422F-AAB7-24CE5CAD4343} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-08-06 21:12:44.823 Description: Die Windows Defender Antivirus-Überprüfung wurde vor ihrem Abschluss beendet. Überprüfungs-ID: {5E81A95F-90D0-469F-BF20-F4988D306032} Überprüfungstyp: Antimalware Überprüfungsparameter: Schnellüberprüfung Benutzer: NT-AUTORITÄT\SYSTEM Date: 2018-07-21 17:03:44.207 Description: Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.273.91.0 Updatequelle: Microsoft Update-Server Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.15100.1 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. 
Date: 2018-07-21 17:03:44.207 Description: Fehler von Windows Defender Antivirus beim Aktualisieren von Signaturen. Neue Signaturversion: Vorherige Signaturversion: 1.273.91.0 Updatequelle: Microsoft Update-Server Signaturtyp: AntiVirus Updatetyp: Voll Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: Vorherige Modulversion: 1.1.15100.1 Fehlercode: 0x80240022 Fehlerbeschreibung: Die Suche des Programms nach Definitionsaktualisierungen ist nicht möglich. CodeIntegrity: =================================== Date: 2018-08-14 10:04:44.750 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements. Date: 2018-08-14 10:04:44.748 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements. Date: 2018-08-14 10:04:22.744 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2018-08-14 10:04:22.742 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. 
Date: 2018-08-14 10:04:16.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2018-08-14 10:04:16.907 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. Date: 2018-08-14 09:55:13.565 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements. Date: 2018-08-14 09:55:13.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume3\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Prozentuale Nutzung des RAM: 21% Installierter physikalischer RAM: 16260.12 MB Verfügbarer physikalischer RAM: 12800.54 MB Summe virtueller Speicher: 18692.12 MB Verfügbarer virtueller Speicher: 14678.69 MB ==================== Laufwerke ================================ Drive c: (OS_Install) (Fixed) (Total:237.18 GB) (Free:54.21 GB) NTFS Drive d: (Data) (Fixed) (Total:914.4 GB) (Free:18.58 GB) NTFS \\?\Volume{70c8fa8f-1838-4970-a78c-a5d7eb907ba8}\ (WinRE tools) (Fixed) (Total:0.88 GB) (Free:0.35 GB) NTFS \\?\Volume{d94ce0c7-7a91-42fe-ab44-9e6c30665fb6}\ (BIOS_RVY) (Fixed) (Total:17.11 GB) (Free:0.65 GB) NTFS \\?\Volume{f19c7517-9aef-4bda-af16-3c0bddbb5e3d}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 4402EC77) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 4402ECA9) Partition: GPT. ==================== Ende von Addition.txt ============================ |
14.08.2018, 09:38 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
BootExecute: autocheck autochk * sdnclean64.exe
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
Task: {BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
C:\WINDOWS\System32\Tasks\Safer-Networking
C:\ProgramData\Spybot - Search & Destroy
hosts:
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
14.08.2018, 11:48 | #14 |
| PUP.Optional remains stubborn
Thanks for your patience; this is like flying blind for me, and unfortunately all of this is Greek to me. Here is the Fixlog.txt:
Code:
Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02.08.2018
durchgeführt von CP-MSI (14-08-2018 12:30:06) Run:1
Gestartet von C:\Users\CP-MSI\Desktop
Geladene Profile: CP-MSI (Verfügbare Profile: CP-MSI & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
Task: {BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
C:\WINDOWS\System32\Tasks\Safer-Networking
C:\ProgramData\Spybot - Search & Destroy
hosts:
emptytemp:
*****************

"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4" => erfolgreich entfernt
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.6" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF00E9D1-4E05-43BC-B23A-D83CFA5CC5A2}" => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => nicht gefunden
C:\WINDOWS\System32\Tasks\Safer-Networking => erfolgreich verschoben
C:\ProgramData\Spybot - Search & Destroy => erfolgreich verschoben
C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben
Hosts erfolgreich wiederhergestellt.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19256295 B
Java, Flash, Steam htmlcache => 1288 B
Windows/system/drivers => 639323 B
Edge => 10240 B
Chrome => 0 B
Firefox => 486387991 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 27136 B
LocalService => 0 B
NetworkService => 33236 B
NetworkService => 0 B
CP-MSI => 89391446 B
Administrator => 9340 B

RecycleBin => 0 B
EmptyTemp: => 575.7 MB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 12:31:07 ==== |
14.08.2018, 12:16 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PUP.Optional remains stubborn
Verification scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:
Step 1: Malwarebytes Version 3
Please download Malwarebytes Anti-Malware 3
Step 2: ESET
Please download ESET Online Scanner (illustrated guide)
Step 3: SecurityCheck
Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |