Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Aus dem Web.....blokiert mein Internet (https://www.trojaner-board.de/178075-web-blokiert-internet.html)

Monstera 22.04.2016 10:45
Aus dem Web.....blokiert mein Internet
 
Hallo Experten,
liege hier im Krankenhaus und veruche ein wenig zu surfen.
Da kommt auf der rechten Seite ein Pupop "Aus dem Web" und blokiert mein Internet.

Auch macht sich ungefragt einfach eine Seite mit Werbung auf
Leider kann ich dadurch nichts doanladen da "Aus dem WEb" mir das Iternet blockiert.

Kann mir da jemand helfen, zu hause habe alles auf einem Stick
Gruß Monstera

M-K-D-B 22.04.2016 20:10
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!




Ggf. von einem anderen Rechner die folgenden Programme via USB-Stick auf den Desktop des infizierten Rechners laden und ausführen.


Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.

Monstera 22.04.2016 22:57
Hi Matthias,
hier Teil 1
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von PC (Administrator) auf PC-PC (22-04-2016 23:16:49)
Gestartet von C:\Users\PC\Downloads
Geladene Profile: PC (Verfügbare Profile: PC & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40891.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40891.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-03] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-03] (Raptr, Inc)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [AntiBrowserSpy - BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [816640 2016-01-08] ()
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {8d0e7b99-e9a4-11e5-b6ff-20689d1e57b6} - "G:\autorun.exe"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {9e81865e-3b60-11e5-88d7-806e6f6e6963} - "D:\start.exe"
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-11-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-03-06]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 82.163.143.171 82.163.142.173
Tcpip\..\Interfaces\{1f20a2f8-5f46-48e6-b412-693bd924926d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6dc7b702-0c45-4de1-a402-3cc3d6fa48c0}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{c4506c39-3486-446e-aa19-5eac0360af24}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{fd1e8feb-c8f3-4d2a-ac61-a21c3b3c1abc}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {C1EE5DD0-D6CE-4591-AC55-509365F26D03} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {E71A49A3-7DFF-4CFD-801F-79BA30EDA49B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO-x32: Soda PDF 3D Reader Helper -> {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} -> C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEHelper.dll [2013-08-19] (LULU Software Limited)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Soda PDF 3D Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEPlugin.dll [2013-08-19] (LULU Software Limited)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpC3YnA3AqAE..&v=20160323&uid=A7608D7CBCBC8C550A10284618D43029&ptid=cos1&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-05]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-04-22]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Tabellen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (Ad.Block Plus+) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopfmfbdadhahnjfgcbfcflmnlgpgggg [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Google Mail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-03-06] (Adobe Systems) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-03] (Plays.tv, LLC)
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-19] (LULU Software Limited)
S2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-19] (LULU Software Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-08-28] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 DfSdkS; kein ImagePath
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-22 23:16 - 2016-04-22 23:18 - 00017117 _____ C:\Users\PC\Downloads\FRST.txt
2016-04-22 23:16 - 2016-04-22 23:16 - 00000000 ____D C:\FRST
2016-04-22 23:15 - 2016-04-22 23:16 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2016-04-22 18:25 - 2016-04-22 19:41 - 00030720 _____ C:\Users\PC\Documents\Test-Moni.xls
2016-04-22 12:53 - 2016-04-22 12:53 - 00002252 _____ C:\Users\PC\Desktop\AdwCleaner[C2].txt
2016-04-22 12:47 - 2016-04-22 12:47 - 00001104 _____ C:\Users\PC\Desktop\AdwCleaner_5.112 - Verknüpfung.lnk
2016-04-22 12:43 - 2016-04-22 12:43 - 00005038 _____ C:\Users\PC\Desktop\AdwCleaner[C1].txt
2016-04-22 12:34 - 2016-04-22 12:51 - 00000000 ____D C:\AdwCleaner
2016-04-22 12:34 - 2016-04-22 12:34 - 03683904 _____ C:\Users\PC\Downloads\AdwCleaner_5.112.exe
2016-04-22 11:17 - 2016-04-22 11:18 - 00000000 ____D C:\Users\PC\Desktop\Spiele
2016-04-22 11:10 - 2016-04-22 11:11 - 00000000 ____D C:\Users\PC\Desktop\Konstruktionsapp
2016-04-22 08:21 - 2016-04-22 22:29 - 00000000 ____D C:\Users\PC\AppData\Roaming\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Program Files\Everything
2016-04-20 18:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-20 18:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-20 18:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-20 18:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-20 18:07 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-20 18:07 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-20 18:07 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-20 18:07 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-20 18:07 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-20 18:07 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-20 18:06 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-20 18:06 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-20 18:06 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-20 18:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-20 18:06 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-20 18:06 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-20 18:06 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-20 18:05 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-20 18:05 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-20 18:05 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-20 18:05 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-20 18:05 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-20 18:05 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-20 18:05 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-20 18:05 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-20 18:05 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-20 18:05 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-20 18:05 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-20 18:05 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-20 18:05 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-20 18:05 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-20 18:05 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-20 18:04 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-20 18:04 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-20 18:04 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-20 18:04 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-20 18:04 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-20 18:04 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-20 18:04 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-20 18:04 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-20 18:04 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-20 18:04 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-20 18:04 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-20 18:04 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-20 18:04 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-20 18:04 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-20 18:04 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-20 18:04 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-20 18:04 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-20 18:04 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-20 18:04 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-20 18:04 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-20 18:04 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-20 18:04 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-20 18:04 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-20 18:04 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-20 18:04 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-20 18:04 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-20 18:04 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-20 18:04 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-20 18:04 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-20 18:04 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-20 18:04 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-20 18:04 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-20 18:04 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-20 18:03 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-20 18:03 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-20 18:03 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-20 18:03 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-20 18:03 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-20 18:03 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-20 18:03 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-20 18:03 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-20 18:03 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-20 18:03 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-20 18:03 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-20 18:03 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-20 18:03 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-20 18:03 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-20 18:03 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-20 18:03 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-20 18:03 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-20 18:03 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-20 18:03 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-20 18:03 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-20 18:03 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-20 18:03 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-20 18:03 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-20 18:03 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-20 18:03 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-20 18:03 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-20 18:03 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-20 18:03 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-20 18:03 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-20 18:02 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-20 18:02 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-20 18:02 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-20 18:02 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-20 18:02 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-20 18:02 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-20 18:02 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-20 18:02 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-20 18:02 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-20 18:02 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-20 18:02 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-20 18:02 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-20 18:02 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-20 18:02 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-20 18:02 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-20 18:02 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-20 18:02 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-20 18:02 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-20 18:02 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-20 18:02 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-20 18:02 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-20 18:02 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-20 18:02 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-20 18:02 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-20 18:02 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-20 18:02 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-20 18:02 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-20 18:02 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-20 18:01 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-20 18:01 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-20 18:01 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-20 18:01 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-20 18:01 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-20 18:01 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-20 18:01 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-20 18:01 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-20 18:01 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-20 18:01 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-20 18:01 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-20 18:01 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-20 18:01 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-20 18:01 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-20 18:01 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-20 18:01 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:01 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-20 18:01 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-20 18:01 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-20 18:01 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-20 18:01 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-20 18:01 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-20 18:01 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-20 18:00 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-20 18:00 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-20 18:00 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-20 18:00 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-20 18:00 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-20 18:00 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-20 18:00 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-20 18:00 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-20 18:00 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-20 18:00 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-20 18:00 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-20 18:00 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-20 18:00 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-20 18:00 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-20 18:00 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-20 18:00 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-20 17:59 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-20 17:59 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-20 17:59 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-20 17:59 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-20 17:59 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-20 17:59 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-20 17:59 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-20 17:57 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-20 17:56 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-20 17:56 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-20 17:56 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-20 17:55 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-20 17:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-20 17:49 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-20 16:31 - 2016-04-20 16:31 - 00055041 ___RT C:\Users\PC\Documents\Projektplan_Berliner Stadtmission.xlsx
2016-03-30 13:13 - 2016-04-22 11:12 - 00000000 ___RD C:\Users\PC\Desktop\Musikabspielpro
2016-03-30 13:08 - 2016-04-22 11:12 - 00000000 ____D C:\Users\PC\Desktop\Wartung
2016-03-30 13:07 - 2016-03-30 13:09 - 00000000 ____D C:\Users\PC\Desktop\Bilderbearbeitung
2016-03-28 17:22 - 2016-03-28 17:22 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2016-03-28 17:21 - 2016-03-28 17:22 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (2).exe
2016-03-28 16:58 - 2016-03-28 17:21 - 54887136 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows-KB890830-V5.34.exe
2016-03-28 16:58 - 2016-03-28 17:06 - 373578968 _____ (Microsoft Corporation) C:\Users\PC\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2016-03-28 16:58 - 2016-03-28 17:01 - 39074536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters.exe
2016-03-28 16:41 - 2016-03-28 16:41 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-03-28 16:37 - 2016-03-28 16:38 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (1).exe
2016-03-28 16:37 - 2016-03-28 16:37 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4.exe
2016-03-27 12:28 - 2016-03-27 12:37 - 02869760 _____ C:\Users\PC\Downloads\lottozahlen_archiv (1).xls
2016-03-27 10:54 - 2016-03-27 10:55 - 00987728 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2016-03-26 08:57 - 2016-03-26 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2016-03-26 08:56 - 2016-03-26 08:57 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX
2016-03-26 08:55 - 2016-03-26 08:55 - 00860736 _____ C:\Users\PC\Downloads\hexedit602.zip
2016-03-25 20:30 - 2016-03-25 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\dlg
2016-03-25 20:26 - 2016-03-25 21:10 - 00000000 ____D C:\Program Files\fe1920a152aa161f127ed1ed733a8acb
2016-03-25 20:26 - 2016-03-25 21:09 - 00000000 ____D C:\Users\PC\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-25 20:26 - 2016-03-25 20:26 - 00000000 ____D C:\extensions
2016-03-25 20:25 - 2016-03-25 20:26 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-25 19:59 - 2016-03-25 19:59 - 00015428 _____ C:\Users\PC\RefEdit.exd
2016-03-25 19:59 - 2016-03-25 19:59 - 00011776 _____ C:\Users\PC\Downloads\Winkel.xls

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-22 23:17 - 2015-12-02 17:07 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job
2016-04-22 22:49 - 2015-12-02 20:52 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-22 22:49 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-22 22:49 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-22 22:49 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-22 22:42 - 2015-12-02 17:07 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job
2016-04-22 22:41 - 2015-12-02 21:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-22 22:41 - 2015-10-25 23:20 - 00000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPC.job
2016-04-22 22:29 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-22 21:36 - 2016-03-04 04:35 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6C246B2-FD71-44F9-BCE6-EB4B4C5BE06A}
2016-04-22 20:58 - 2015-11-16 16:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-04-22 20:57 - 2015-12-04 20:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\MediaMonkey
2016-04-22 19:19 - 2015-11-08 15:46 - 00000000 ____D C:\KeePass2.29
2016-04-22 13:17 - 2015-10-25 23:20 - 00003212 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPC
2016-04-22 12:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-22 11:20 - 2015-12-02 21:35 - 00000000 ___RD C:\Users\PC\OneDrive
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-22 09:16 - 2015-12-08 13:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\XnView
2016-04-22 04:01 - 2015-12-02 20:53 - 00000000 ____D C:\Users\PC
2016-04-21 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-21 13:24 - 2015-08-05 13:05 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-21 12:38 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-21 12:29 - 2015-12-02 20:39 - 00463504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-20 19:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-20 19:30 - 2015-08-12 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-20 19:24 - 2015-08-12 21:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-20 18:43 - 2015-11-16 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-20 18:43 - 2015-11-16 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-20 18:35 - 2015-12-02 21:27 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 13:16 - 2016-03-05 06:36 - 00000000 ____D C:\Program Files (x86)\Lux3
2016-03-30 09:42 - 2016-03-08 23:00 - 00000000 ____D C:\ProgramData\eJay
2016-03-30 09:35 - 2016-03-08 16:04 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-03-30 09:35 - 2016-03-08 16:03 - 00000000 ____D C:\ProgramData\MAGIX
2016-03-28 17:02 - 2015-11-24 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-25 21:11 - 2015-12-02 21:27 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-25 21:11 - 2015-12-02 20:53 - 00000000 ____D C:\Users\Gast
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\Projects Series
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\PhotoBuzzer Projects 1
2016-03-25 21:10 - 2016-03-06 09:45 - 00000000 ____D C:\Users\PC\AppData\Local\Abelssoft
2016-03-25 21:09 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-25 21:09 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-25 21:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-25 17:57 - 2016-01-28 19:39 - 00143272 _____ C:\Users\PC\AppData\Roaming\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-05 13:56 - 2016-01-05 13:56 - 0000037 ___SH () C:\Users\PC\AppData\Local\70149b02515b3bb20dd492.47983420
2015-12-04 23:05 - 2015-12-04 23:05 - 0004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 17:49

==================== Ende von FRST.txt ============================
hier Teil2
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von PC (2016-04-22 23:19:53)
Gestartet von C:\Users\PC\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-02 19:27:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-261562712-3610274027-2406615811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-261562712-3610274027-2406615811-503 - Limited - Disabled)
Gast (S-1-5-21-261562712-3610274027-2406615811-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-261562712-3610274027-2406615811-1003 - Limited - Enabled)
PC (S-1-5-21-261562712-3610274027-2406615811-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 169 - Abelssoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.40 - Ashampoo GmbH & Co. KG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
COMPUTER BILD-App-Starter  (HKLM-x32\...\COMPUTER BILD-App-Starter) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
DC Toolkit Pro 2 Architekt (HKLM-x32\...\DC Toolkit Pro 2 Architekt_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Ingenieur (HKLM-x32\...\DC Toolkit Pro 2 Ingenieur_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Tischler (HKLM-x32\...\DC Toolkit Pro 2 Tischler_is1) (Version: 2.0.0 - Franzis Verlag)
DesignCAD 3D Max 23 (HKLM-x32\...\{01835371-C7CE-4307-A9F9-2DC37DA5293D}) (Version: 23.0.0 - IMSIDesign)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.173.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version:  - cerasus.media GmbH)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.8-r109999-release - Plays.tv, LLC)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6652 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.19-0 - Bitnami)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-261562712-3610274027-2406615811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CF7A3F-AAD8-4E61-B716-7DBF67C62160} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {083DC944-E27B-4EF0-BE3A-6A8B9CBFC6A6} - System32\Tasks\{DA10FA2B-437F-4571-A584-D0387598B2E1} => pcalua.exe -a E:\sp57434.exe -d E:\
Task: {09229287-FF30-48DB-9DE5-91E55E89E074} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0AB690DA-867C-4EDB-AA55-892133CDB826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1325C51C-5CC3-4DF3-B7C9-5B57E5123167} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1606EAEC-B83E-4107-9867-F338B4922033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1A2EBA06-C61F-4C4C-95E3-CA9BFE43FCBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1BBA0ECC-16DF-4F48-ACE3-DBC900C1FF77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1C9B5F6C-EF78-49FE-A751-3ADD6F983855} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {2489FFE5-74F6-4214-AA7B-3F91D7861FC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25F5691A-40A5-4C51-A023-5868C329C30B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {27DF7894-4511-41CB-A2B5-5782D30905AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EAC86C0-E1D1-4E10-B0BF-B6B3CEBDCA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {326554BD-203C-4386-B368-8D2C3C9B0C19} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3776E8F3-C578-4CFA-AA31-4ED66052B967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BA80EFA-741E-4339-B123-E5E776BB75DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA58688-DC7F-40F8-A2CA-8C14FDDA1AB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {429E8375-B79A-4594-BFE9-645B12E10D9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {4FB532F7-2023-406C-9928-0CE390D4F55D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {50876B6C-6ACA-4C96-AA98-CA8E6AE29AAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6047C20E-9A0E-4C77-A366-153386332B3F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {610E1FB8-3626-490B-BF08-4B5F06FB16DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {68B7518E-247D-4C6F-8B0F-5858D8752CBB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CEF1D55-4A8B-4FBA-A552-B579A87318E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {6E6CB22B-9331-4420-800D-2BBFC0CE0DBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {719553D7-525B-4057-B2DB-3413BF402FFF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7D4878E8-64E5-4602-8C07-E80A167323F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87DC8B2C-7C3D-4FB3-B5B2-9B7D0BBD1DA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9131E4CD-A123-4A88-9D6F-41526BC40D8D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {93E24D23-CE2B-456E-B406-7271860E1614} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {953ABA95-B44E-414C-B88E-14E05D59256A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {9CD31E09-A1DB-4E96-8389-1F4D2214B707} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E41352D-BBCB-451F-BAAB-8E2C8D36A7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {A098E5AB-228A-4706-9DEF-9A4DA79C69D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A28CA1CA-59F5-4C86-BBDB-4B37A77BD2D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A63BC3DC-2DCD-49A1-96A3-52D760470BAD} - System32\Tasks\{1A69F63C-CDDF-4D93-B81E-E410515DEF76} => pcalua.exe -a E:\sp58586.exe -d E:\
Task: {AE4C289D-67A5-45C9-8CA5-992352EA3637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {B48D4983-B0E5-4D4E-A235-BEB39593EF3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9DC49B2-E0E9-499F-B205-75282CE82DFA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC242B0C-D8EE-444F-985C-9D04D42918DB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C05F19EE-BC80-40A9-9EF7-E06F2B1D967A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C3E1F0B3-F893-47FB-8A59-1C5075643228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C5C6C097-7861-4D38-B078-00A867236A95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CBE30283-25FE-45A5-8F6A-B216CD13B9D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {DAD51C36-66AE-4E6F-ACAB-BBBFBDA1A872} - System32\Tasks\{9B919B26-39B8-4BE5-B803-87BF06F53AF9} => pcalua.exe -a "C:\Program Files (x86)\The Truth About Ada\uninst.exe"
Task: {DD98E0DC-9376-483C-B0C8-18C77B221676} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {E6FEA7C8-0681-4A6B-A843-71A7DBA55CFB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E9EC0A49-42C0-4AD7-AC8D-58A442344C81} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {EAE19955-D12A-498C-A8DB-4ECD1198B3CD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EFD56A51-2461-43A1-9367-1AD7EF20178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {F1E47111-E947-45B1-B913-1D0BEA81AB80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F20956C5-4E2C-4C27-9CF2-9E3CA9110198} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7C65971-6182-48B7-8113-5FDDE08CB97C} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-04-22 08:21 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2016-04-20 18:31 - 2016-04-20 18:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-20 18:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 17:58 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-20 17:49 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-20 18:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-20 18:03 - 2016-04-02 05:00 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-04-20 18:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-20 18:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2016-03-06 09:45 - 2016-01-08 14:31 - 00816640 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2016-03-29 11:51 - 2016-03-29 11:52 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 11:51 - 2016-03-29 11:52 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 12:11 - 2016-03-04 12:12 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-20 18:31 - 2016-04-20 18:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-20 18:31 - 2016-04-20 18:32 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:8D09CB9B [338]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{07EFE3DE-0215-44F1-AE6F-5523FFC1F865}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [TCP Query User{816AD850-E45A-458C-80C9-2A97385C33B4}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{621E8B2D-022D-46EA-B996-EAF7D48603C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{184844D8-AA89-4531-91BD-293A9C52A133}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{37161028-A725-44BF-9C4E-0C75651C77A8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{73D83782-5CC4-4BE2-84FB-458D9DC6507E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{849DE0BB-B464-4764-BD9D-78F05127D667}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{891BF47F-5287-448F-B2F6-BACC43D63C68}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{C98CAAC0-1777-4D2D-9287-F90C1F1396B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B23AC914-A616-4BD9-AB3F-FF7DCED7AB83}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{17D3F124-A5FA-4D97-97A2-4127C32E65B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37CA90D8-31AC-4037-8833-E5DC7C4F7D6E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1D0086A4-00D4-447A-A68C-09E3421CE248}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B385AA1-3D7D-437D-8D44-3027E96A8565}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{5633C939-A601-40CB-96F0-ECC59F8F63B3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C9410077-61F7-415B-BDF8-CC4294E0B438}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C22D28AA-8C68-40EA-AFA4-90D9391D5031}] => (Allow) LPort=80
FirewallRules: [{174F6F07-C798-4548-8D51-FF9C864BCAD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

30-03-2016 13:11:06 Removed inSSIDer 3
20-04-2016 19:21:20 Windows Update
20-04-2016 19:23:08 Windows Update
22-04-2016 11:16:03 Removed inSSIDer 3

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/22/2016 10:47:29 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/22/2016 10:29:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0x8b0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/22/2016 10:29:36 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2224) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/22/2016 06:22:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EXCEL.EXE, Version 10.0.2614.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1074

Startzeit: 01d19ca9be05b999

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE

Berichts-ID: 75f41ed9-08a6-11e6-b716-20689d1e57b6

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/22/2016 01:17:45 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/22/2016 12:57:10 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/22/2016 12:49:08 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/22/2016 11:16:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/22/2016 06:57:05 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/22/2016 06:56:19 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: PC-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy1018


Systemfehler:
=============
Error: (04/22/2016 11:19:33 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}

Error: (04/22/2016 10:42:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/22/2016 10:42:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/22/2016 10:29:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2016 10:29:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1b481" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2016 10:29:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1b481" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2016 10:29:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1b481" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2016 10:29:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1b481" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2016 02:07:00 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (04/22/2016 12:52:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037


CodeIntegrity:
===================================
  Date: 2016-04-22 23:17:32.172
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 23:17:32.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 23:17:32.041
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 23:17:31.880
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 23:17:31.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 23:17:31.746
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 15:53:59.063
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 15:53:59.004
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 15:53:55.074
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-22 15:53:54.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 3682.27 MB
Verfügbarer physikalischer RAM: 1823.57 MB
Summe virtueller Speicher: 7394.27 MB
Verfügbarer virtueller Speicher: 5353.43 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.07 GB) (Free:381.85 GB) NTFS
Drive d: (Assimil) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive e: (windows 10-Daten) (Fixed) (Total:58.59 GB) (Free:58.45 GB) NTFS
Drive f: (Elements) (Fixed) (Total:872.89 GB) (Free:462.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FB83FB5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CA8D065F)
Partition 1: (Not Active) - (Size=872.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Monstera 22.04.2016 23:06
und hier Teil 3.1
[CODE23:27:57.0971 0x1e2c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:27:57.0979 0x1e2c UEFI system
23:28:08.0607 0x1e2c ============================================================
23:28:08.0607 0x1e2c Current date / time: 2016/04/22 23:28:08.0607
23:28:08.0607 0x1e2c SystemInfo:
23:28:08.0622 0x1e2c
23:28:08.0622 0x1e2c OS Version: 10.0.10586 ServicePack: 0.0
23:28:08.0622 0x1e2c Product type: Workstation
23:28:08.0622 0x1e2c ComputerName: PC-PC
23:28:08.0622 0x1e2c UserName: PC
23:28:08.0622 0x1e2c Windows directory: C:\WINDOWS
23:28:08.0622 0x1e2c System windows directory: C:\WINDOWS
23:28:08.0622 0x1e2c Running under WOW64
23:28:08.0622 0x1e2c Processor architecture: Intel x64
23:28:08.0622 0x1e2c Number of processors: 2
23:28:08.0622 0x1e2c Page size: 0x1000
23:28:08.0622 0x1e2c Boot type: Normal boot
23:28:08.0622 0x1e2c ============================================================
23:28:08.0906 0x1e2c KLMD registered as C:\WINDOWS\system32\drivers\43680280.sys
23:28:11.0182 0x1e2c System UUID: {7799F892-583E-DB2E-BCDF-39D8C9B1A6D6}
23:28:12.0671 0x1e2c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:28:12.0718 0x1e2c Drive \Device\Harddisk1\DR1 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:28:12.0718 0x1e2c Drive \Device\Harddisk1\DR1 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:28:12.0734 0x1e2c ============================================================
23:28:12.0734 0x1e2c \Device\Harddisk0\DR0:
23:28:12.0734 0x1e2c GPT partitions:
23:28:12.0734 0x1e2c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {90B1E62B-92E5-4DE3-B197-03F1C83F8C82}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
23:28:12.0734 0x1e2c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5C349ACA-CDA2-435B-BA62-CDA6C3702C7C}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
23:28:12.0734 0x1e2c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2D1A72D7-E47F-4184-8F4D-69A070F223C0}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3A223E7E
23:28:12.0734 0x1e2c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {044F7BEB-0DAA-4746-B3EB-E93053B24917}, Name: , StartLBA 0x3A296800, BlocksNum 0xEF800
23:28:12.0734 0x1e2c MBR partitions:
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1:
23:28:12.0734 0x1e2c MBR partitions:
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6D1C6000
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6D1C6800, BlocksNum 0x752F000
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1:
23:28:12.0734 0x1e2c MBR partitions:
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6D1C6000
23:28:12.0734 0x1e2c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6D1C6800, BlocksNum 0x752F000
23:28:12.0734 0x1e2c ============================================================
23:28:12.0765 0x1e2c C: <-> \Device\Harddisk0\DR0\Partition3
23:28:12.0834 0x1e2c E: <-> \Device\Harddisk1\DR1\Partition2
23:28:12.0888 0x1e2c F: <-> \Device\Harddisk1\DR1\Partition1
23:28:12.0888 0x1e2c ============================================================
23:28:12.0888 0x1e2c Initialize success
23:28:12.0888 0x1e2c ============================================================
23:28:19.0982 0x04a0 ============================================================
23:28:19.0982 0x04a0 Scan started
23:28:19.0982 0x04a0 Mode: Manual;
23:28:19.0982 0x04a0 ============================================================
23:28:19.0982 0x04a0 KSN ping started
23:28:22.0400 0x04a0 KSN ping finished: true
23:28:25.0694 0x04a0 ================ Scan system memory ========================
23:28:25.0695 0x04a0 System memory - ok
23:28:25.0697 0x04a0 ================ Scan services =============================
23:28:25.0957 0x04a0 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
23:28:25.0961 0x04a0 1394ohci - ok
23:28:26.0008 0x04a0 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
23:28:26.0008 0x04a0 3ware - ok
23:28:26.0077 0x04a0 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
23:28:26.0108 0x04a0 ACPI - ok
23:28:26.0157 0x04a0 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
23:28:26.0161 0x04a0 acpiex - ok
23:28:26.0177 0x04a0 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
23:28:26.0177 0x04a0 acpipagr - ok
23:28:26.0223 0x04a0 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
23:28:26.0223 0x04a0 AcpiPmi - ok
23:28:26.0239 0x04a0 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
23:28:26.0239 0x04a0 acpitime - ok
23:28:26.0339 0x04a0 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:28:26.0339 0x04a0 Adobe LM Service - ok
23:28:26.0461 0x04a0 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:28:26.0523 0x04a0 ADP80XX - ok
23:28:26.0639 0x04a0 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
23:28:26.0657 0x04a0 AERTFilters - ok
23:28:26.0739 0x04a0 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
23:28:26.0760 0x04a0 AFD - ok
23:28:26.0807 0x04a0 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
23:28:26.0807 0x04a0 agp440 - ok
23:28:26.0860 0x04a0 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:28:26.0876 0x04a0 ahcache - ok
23:28:26.0923 0x04a0 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
23:28:26.0923 0x04a0 AJRouter - ok
23:28:26.0960 0x04a0 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
23:28:26.0976 0x04a0 ALG - ok
23:28:27.0038 0x04a0 [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
23:28:27.0057 0x04a0 AMD FUEL Service - ok
23:28:27.0076 0x04a0 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
23:28:27.0076 0x04a0 AmdK8 - ok
23:28:27.0123 0x04a0 [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys
23:28:27.0123 0x04a0 amdkmafd - ok
23:28:27.0160 0x04a0 amdkmdag - ok
23:28:27.0223 0x04a0 [ AD96CC96B6A0CEE8910A13679426C970, 18005892C57CF8F3B2F09C3DDEC10612EC9B1C14BB057196AAE209D2703FF06E ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
23:28:27.0260 0x04a0 amdkmdap - ok
23:28:27.0305 0x04a0 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
23:28:27.0313 0x04a0 AmdPPM - ok
23:28:27.0382 0x04a0 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
23:28:27.0388 0x04a0 amdsata - ok
23:28:27.0429 0x04a0 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
23:28:27.0446 0x04a0 amdsbs - ok
23:28:27.0481 0x04a0 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
23:28:27.0483 0x04a0 amdxata - ok
23:28:27.0531 0x04a0 [ A1434F35B7B171CB697D74D33F7D029F, 97688D8C388066D02036DEF388AD7D8BE55DB268185CECE88128195D87422496 ] amd_sata C:\WINDOWS\system32\drivers\amd_sata.sys
23:28:27.0536 0x04a0 amd_sata - ok
23:28:27.0560 0x04a0 [ E9B5A82FA268BB2D1B012030D5F4E096, 9EBE4DD2B86EE62D5E47ED85FC6271FE66A5A564227C7C8B7A576FD54A2CFACB ] amd_xata C:\WINDOWS\system32\drivers\amd_xata.sys
23:28:27.0560 0x04a0 amd_xata - ok
23:28:27.0596 0x04a0 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
23:28:27.0600 0x04a0 AODDriver4.1 - ok
23:28:27.0676 0x04a0 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:28:27.0681 0x04a0 AppHostSvc - ok
23:28:27.0720 0x04a0 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
23:28:27.0720 0x04a0 AppID - ok
23:28:27.0761 0x04a0 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
23:28:27.0761 0x04a0 AppIDSvc - ok
23:28:27.0792 0x04a0 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
23:28:27.0808 0x04a0 Appinfo - ok
23:28:27.0858 0x04a0 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
23:28:27.0877 0x04a0 AppReadiness - ok
23:28:28.0039 0x04a0 [ 0F3C165B71F8140F50A1DB5DE3E6D695, 7AD0F130088B3A964739C3194CF09E79B6B5D761B064071B9AC11D9B65F5D523 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
23:28:28.0139 0x04a0 AppXSvc - ok
23:28:28.0176 0x04a0 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
23:28:28.0192 0x04a0 arcsas - ok
23:28:28.0339 0x04a0 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:28:28.0355 0x04a0 aspnet_state - ok
23:28:28.0392 0x04a0 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
23:28:28.0392 0x04a0 AsyncMac - ok
23:28:28.0408 0x04a0 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
23:28:28.0424 0x04a0 atapi - ok
23:28:28.0732 0x04a0 [ 3009647315A75D0BB08A6BFF8310FA70, FDBF7BE751C23EA40B6861D4EAD27007C81CA0A5AECBDAF9B6E4A39EC6F13625 ] athr C:\WINDOWS\System32\drivers\athw10x.sys
23:28:28.0932 0x04a0 athr - ok
23:28:29.0001 0x04a0 [ F06A4C6E131FD7D6E253FC0B6844298C, 431FEFB929D984C2573E186C65CE35385808FDB9795C776870AF39305E9465FA ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
23:28:29.0001 0x04a0 AtiHDAudioService - ok
23:28:29.0048 0x04a0 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:28:29.0063 0x04a0 AudioEndpointBuilder - ok
23:28:29.0163 0x04a0 [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
23:28:29.0216 0x04a0 Audiosrv - ok
23:28:29.0279 0x04a0 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
23:28:29.0279 0x04a0 AxInstSV - ok
23:28:29.0348 0x04a0 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
23:28:29.0379 0x04a0 b06bdrv - ok
23:28:29.0416 0x04a0 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:28:29.0432 0x04a0 BasicDisplay - ok
23:28:29.0448 0x04a0 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
23:28:29.0448 0x04a0 BasicRender - ok
23:28:29.0479 0x04a0 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
23:28:29.0479 0x04a0 bcmfn - ok
23:28:29.0500 0x04a0 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
23:28:29.0516 0x04a0 bcmfn2 - ok
23:28:29.0563 0x04a0 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
23:28:29.0579 0x04a0 BDESVC - ok
23:28:29.0616 0x04a0 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:28:29.0632 0x04a0 Beep - ok
23:28:29.0716 0x04a0 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
23:28:29.0747 0x04a0 BFE - ok
23:28:29.0863 0x04a0 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
23:28:29.0916 0x04a0 BITS - ok
23:28:29.0947 0x04a0 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
23:28:29.0963 0x04a0 bowser - ok
23:28:30.0031 0x04a0 [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:28:30.0063 0x04a0 BrokerInfrastructure - ok
23:28:30.0116 0x04a0 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
23:28:30.0131 0x04a0 Browser - ok
23:28:30.0200 0x04a0 [ 39518DA803C2BCE04FCA2083879F077E, 244CCE64CAE1C8666BA25B07996997F57E6665D7E27FF15205C643D46A3A1D8F ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
23:28:30.0231 0x04a0 BtFilter - ok
23:28:30.0278 0x04a0 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:28:30.0278 0x04a0 BthAvrcpTg - ok
23:28:30.0331 0x04a0 [ FD74F7C4D04496FC46D2BB8464FA2CA4, 24F3750187D4A4CD3DB1451E358E36AC5169C83E794B6DFEF4E3D16BA2AC3951 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
23:28:30.0331 0x04a0 BthEnum - ok
23:28:30.0363 0x04a0 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
23:28:30.0363 0x04a0 BthHFEnum - ok
23:28:30.0378 0x04a0 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
23:28:30.0395 0x04a0 bthhfhid - ok
23:28:30.0431 0x04a0 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
23:28:30.0447 0x04a0 BthHFSrv - ok
23:28:30.0500 0x04a0 [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
23:28:30.0516 0x04a0 BthLEEnum - ok
23:28:30.0568 0x04a0 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
23:28:30.0574 0x04a0 BTHMODEM - ok
23:28:30.0612 0x04a0 [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
23:28:30.0620 0x04a0 BthPan - ok
23:28:30.0752 0x04a0 [ 2A0EF9AF5FD3FCCC25E17C47198D6E25, 4B548DD7235EF5EEC36AC443F9F44A042332BA01CB38B3D2E804618F2DC31813 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
23:28:30.0816 0x04a0 BTHPORT - ok
23:28:30.0861 0x04a0 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
23:28:30.0867 0x04a0 bthserv - ok
23:28:30.0904 0x04a0 [ B13CB5CCEE91ACA77C985B8E0D53A7D4, 1DB76A52E30B3DCC0FAF8579A7D5A24AD010ACA7613FB00B541FDDED7BE3F08E ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
23:28:30.0909 0x04a0 BTHUSB - ok
23:28:30.0941 0x04a0 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:28:30.0944 0x04a0 buttonconverter - ok
23:28:30.0984 0x04a0 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
23:28:30.0991 0x04a0 CapImg - ok
23:28:31.0019 0x04a0 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:28:31.0019 0x04a0 cdfs - ok
23:28:31.0082 0x04a0 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
23:28:31.0101 0x04a0 CDPSvc - ok
23:28:31.0132 0x04a0 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
23:28:31.0148 0x04a0 cdrom - ok
23:28:31.0189 0x04a0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
23:28:31.0202 0x04a0 CertPropSvc - ok
23:28:31.0245 0x04a0 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
23:28:31.0249 0x04a0 circlass - ok
23:28:31.0315 0x04a0 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
23:28:31.0351 0x04a0 CLFS - ok
23:28:31.0425 0x04a0 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
23:28:31.0457 0x04a0 ClipSVC - ok
23:28:31.0516 0x04a0 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
23:28:31.0521 0x04a0 CmBatt - ok
23:28:31.0602 0x04a0 [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG C:\WINDOWS\system32\Drivers\cng.sys
23:28:31.0630 0x04a0 CNG - ok
23:28:31.0662 0x04a0 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:28:31.0662 0x04a0 cnghwassist - ok
23:28:31.0748 0x04a0 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
23:28:31.0748 0x04a0 CompositeBus - ok
23:28:31.0764 0x04a0 COMSysApp - ok
23:28:31.0817 0x04a0 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
23:28:31.0817 0x04a0 condrv - ok
23:28:31.0901 0x04a0 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
23:28:31.0948 0x04a0 CoreMessagingRegistrar - ok
23:28:32.0026 0x04a0 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
23:28:32.0037 0x04a0 CryptSvc - ok
23:28:32.0078 0x04a0 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
23:28:32.0083 0x04a0 dam - ok
23:28:32.0359 0x04a0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:28:32.0438 0x04a0 DcomLaunch - ok
23:28:32.0562 0x04a0 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
23:28:32.0591 0x04a0 DcpSvc - ok
23:28:32.0655 0x04a0 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
23:28:32.0686 0x04a0 defragsvc - ok
23:28:32.0743 0x04a0 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:28:32.0775 0x04a0 DeviceAssociationService - ok
23:28:32.0845 0x04a0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
23:28:32.0884 0x04a0 DeviceInstall - ok
23:28:32.0929 0x04a0 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
23:28:32.0934 0x04a0 DevQueryBroker - ok
23:28:32.0992 0x04a0 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
23:28:33.0004 0x04a0 Dfsc - ok
23:28:33.0069 0x04a0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:28:33.0077 0x04a0 dg_ssudbus - ok
23:28:33.0142 0x04a0 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
23:28:33.0174 0x04a0 Dhcp - ok
23:28:33.0319 0x04a0 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:28:33.0327 0x04a0 diagnosticshub.standardcollector.service - ok
23:28:33.0488 0x04a0 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
23:28:33.0560 0x04a0 DiagTrack - ok
23:28:33.0652 0x04a0 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
23:28:33.0663 0x04a0 disk - ok
23:28:33.0739 0x04a0 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
23:28:33.0770 0x04a0 DmEnrollmentSvc - ok
23:28:33.0806 0x04a0 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
23:28:33.0810 0x04a0 dmvsc - ok
23:28:33.0857 0x04a0 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:28:33.0864 0x04a0 dmwappushservice - ok
23:28:33.0928 0x04a0 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:28:33.0950 0x04a0 Dnscache - ok
23:28:34.0016 0x04a0 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
23:28:34.0038 0x04a0 dot3svc - ok
23:28:34.0088 0x04a0 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
23:28:34.0101 0x04a0 DPS - ok
23:28:34.0165 0x04a0 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
23:28:34.0168 0x04a0 drmkaud - ok
23:28:34.0243 0x04a0 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
23:28:34.0259 0x04a0 DsmSvc - ok
23:28:34.0308 0x04a0 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
23:28:34.0323 0x04a0 DsSvc - ok
23:28:34.0516 0x04a0 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:28:34.0643 0x04a0 DXGKrnl - ok
23:28:34.0704 0x04a0 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
23:28:34.0704 0x04a0 Eaphost - ok
23:28:34.0933 0x04a0 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
23:28:35.0105 0x04a0 ebdrv - ok
23:28:35.0166 0x04a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
23:28:35.0181 0x04a0 EFS - ok
23:28:35.0231 0x04a0 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
23:28:35.0234 0x04a0 EhStorClass - ok
23:28:35.0250 0x04a0 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:28:35.0266 0x04a0 EhStorTcgDrv - ok
23:28:35.0334 0x04a0 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
23:28:35.0342 0x04a0 embeddedmode - ok
23:28:35.0370 0x04a0 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
23:28:35.0402 0x04a0 EntAppSvc - ok
23:28:35.0433 0x04a0 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
23:28:35.0435 0x04a0 ErrDev - ok
23:28:35.0529 0x04a0 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
23:28:35.0581 0x04a0 EventSystem - ok
23:28:35.0742 0x04a0 [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] Everything C:\Program Files\Everything\Everything.exe
23:28:35.0803 0x04a0 Everything - ok
23:28:35.0855 0x04a0 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
23:28:35.0871 0x04a0 exfat - ok
23:28:35.0918 0x04a0 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
23:28:35.0933 0x04a0 fastfat - ok
23:28:36.0018 0x04a0 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
23:28:36.0055 0x04a0 Fax - ok
23:28:36.0086 0x04a0 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
23:28:36.0086 0x04a0 fdc - ok
23:28:36.0118 0x04a0 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
23:28:36.0118 0x04a0 fdPHost - ok
23:28:36.0152 0x04a0 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
23:28:36.0155 0x04a0 FDResPub - ok
23:28:36.0186 0x04a0 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
23:28:36.0202 0x04a0 fhsvc - ok
23:28:36.0233 0x04a0 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
23:28:36.0253 0x04a0 FileCrypt - ok
23:28:36.0286 0x04a0 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
23:28:36.0286 0x04a0 FileInfo - ok
23:28:36.0317 0x04a0 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
23:28:36.0317 0x04a0 Filetrace - ok
23:28:36.0355 0x04a0 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
23:28:36.0355 0x04a0 flpydisk - ok
23:28:36.0402 0x04a0 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:28:36.0417 0x04a0 FltMgr - ok
23:28:36.0569 0x04a0 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
23:28:36.0655 0x04a0 FontCache - ok
23:28:36.0768 0x04a0 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:28:36.0771 0x04a0 FontCache3.0.0.0 - ok
23:28:36.0817 0x04a0 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
23:28:36.0822 0x04a0 FsDepends - ok
23:28:36.0855 0x04a0 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:28:36.0860 0x04a0 Fs_Rec - ok
23:28:36.0921 0x04a0 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:28:36.0955 0x04a0 fvevol - ok
23:28:36.0986 0x04a0 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
23:28:36.0986 0x04a0 gagp30kx - ok
23:28:37.0033 0x04a0 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
23:28:37.0033 0x04a0 gencounter - ok
23:28:37.0059 0x04a0 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
23:28:37.0061 0x04a0 genericusbfn - ok
23:28:37.0120 0x04a0 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:28:37.0138 0x04a0 GPIOClx0101 - ok
23:28:37.0258 0x04a0 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
23:28:37.0325 0x04a0 gpsvc - ok
23:28:37.0351 0x04a0 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:28:37.0353 0x04a0 GpuEnergyDrv - ok
23:28:37.0402 0x04a0 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:37.0402 0x04a0 gupdate - ok
23:28:37.0433 0x04a0 [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:37.0433 0x04a0 gupdatem - ok
23:28:37.0471 0x04a0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:28:37.0486 0x04a0 gusvc - ok
23:28:37.0533 0x04a0 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
23:28:37.0533 0x04a0 HDAudBus - ok
23:28:37.0555 0x04a0 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
23:28:37.0570 0x04a0 HidBatt - ok
23:28:37.0617 0x04a0 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
23:28:37.0617 0x04a0 HidBth - ok
23:28:37.0633 0x04a0 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
23:28:37.0650 0x04a0 hidi2c - ok
23:28:37.0670 0x04a0 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:28:37.0670 0x04a0 hidinterrupt - ok
23:28:37.0686 0x04a0 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
23:28:37.0702 0x04a0 HidIr - ok
23:28:37.0733 0x04a0 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
23:28:37.0751 0x04a0 hidserv - ok
23:28:37.0786 0x04a0 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
23:28:37.0786 0x04a0 HidUsb - ok
23:28:37.0855 0x04a0 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:28:37.0870 0x04a0 HomeGroupListener - ok
23:28:37.0933 0x04a0 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:28:37.0970 0x04a0 HomeGroupProvider - ok
23:28:38.0125 0x04a0 [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:28:38.0175 0x04a0 hpqwmiex - ok
23:28:38.0238 0x04a0 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
23:28:38.0238 0x04a0 HpSAMD - ok
23:28:38.0291 0x04a0 [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
23:28:38.0291 0x04a0 HPSupportSolutionsFrameworkService - ok
23:28:38.0457 0x04a0 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
23:28:38.0506 0x04a0 HTTP - ok
23:28:38.0556 0x04a0 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
23:28:38.0559 0x04a0 hwpolicy - ok
23:28:38.0591 0x04a0 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
23:28:38.0591 0x04a0 hyperkbd - ok
23:28:38.0622 0x04a0 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
23:28:38.0637 0x04a0 i8042prt - ok
23:28:38.0659 0x04a0 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
23:28:38.0659 0x04a0 iai2c - ok
23:28:38.0706 0x04a0 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:28:38.0706 0x04a0 iaLPSS2i_I2C - ok
23:28:38.0738 0x04a0 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:28:38.0738 0x04a0 iaLPSSi_GPIO - ok
23:28:38.0791 0x04a0 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:28:38.0791 0x04a0 iaLPSSi_I2C - ok
23:28:38.0859 0x04a0 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
23:28:38.0906 0x04a0 iaStorAV - ok
23:28:38.0959 0x04a0 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
23:28:38.0975 0x04a0 iaStorV - ok
23:28:39.0022 0x04a0 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
23:28:39.0059 0x04a0 ibbus - ok
23:28:39.0109 0x04a0 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
23:28:39.0123 0x04a0 icssvc - ok
23:28:39.0142 0x04a0 IEEtwCollectorService - ok
23:28:39.0267 0x04a0 [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
23:28:39.0304 0x04a0 IKEEXT - ok
23:28:39.0629 0x04a0 [ 1B55E32AAF6DA714587D226A399C77FE, 2B1CEB276EAA6BE8B2D8C55474FB672C5D7441B3B17B01A43DECF8C68239FB1B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:28:39.0817 0x04a0 IntcAzAudAddService - ok
23:28:39.0886 0x04a0 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
23:28:39.0886 0x04a0 intelide - ok
23:28:39.0917 0x04a0 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
23:28:39.0917 0x04a0 intelpep - ok
23:28:39.0954 0x04a0 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
23:28:39.0970 0x04a0 intelppm - ok
23:28:40.0001 0x04a0 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
23:28:40.0001 0x04a0 IoQos - ok
23:28:40.0017 0x04a0 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:28:40.0034 0x04a0 IpFilterDriver - ok
23:28:40.0117 0x04a0 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
23:28:40.0170 0x04a0 iphlpsvc - ok
23:28:40.0201 0x04a0 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:28:40.0201 0x04a0 IPMIDRV - ok
23:28:40.0254 0x04a0 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
23:28:40.0254 0x04a0 IPNAT - ok
23:28:40.0285 0x04a0 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
23:28:40.0285 0x04a0 IRENUM - ok
23:28:40.0338 0x04a0 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
23:28:40.0338 0x04a0 isapnp - ok
23:28:40.0370 0x04a0 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
23:28:40.0385 0x04a0 iScsiPrt - ok
23:28:40.0417 0x04a0 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
23:28:40.0417 0x04a0 kbdclass - ok
23:28:40.0454 0x04a0 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
23:28:40.0454 0x04a0 kbdhid - ok
23:28:40.0470 0x04a0 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
23:28:40.0485 0x04a0 kdnic - ok
23:28:40.0501 0x04a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
23:28:40.0517 0x04a0 KeyIso - ok
23:28:40.0538 0x04a0 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
23:28:40.0538 0x04a0 KSecDD - ok
23:28:40.0601 0x04a0 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:28:40.0601 0x04a0 KSecPkg - ok
23:28:40.0654 0x04a0 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
23:28:40.0654 0x04a0 ksthunk - ok
23:28:40.0717 0x04a0 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
23:28:40.0738 0x04a0 KtmRm - ok
23:28:40.0785 0x04a0 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
23:28:40.0801 0x04a0 LanmanServer - ok
23:28:40.0838 0x04a0 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:28:40.0870 0x04a0 LanmanWorkstation - ok
23:28:40.0901 0x04a0 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
23:28:40.0901 0x04a0 lfsvc - ok
23:28:40.0917 0x04a0 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
23:28:40.0935 0x04a0 LicenseManager - ok
23:28:40.0970 0x04a0 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
23:28:40.0970 0x04a0 lltdio - ok
23:28:41.0016 0x04a0 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
23:28:41.0038 0x04a0 lltdsvc - ok
23:28:41.0070 0x04a0 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
23:28:41.0085 0x04a0 lmhosts - ok
23:28:41.0135 0x04a0 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
23:28:41.0138 0x04a0 LSI_SAS - ok
23:28:41.0154 0x04a0 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:28:41.0170 0x04a0 LSI_SAS2i - ok
23:28:41.0201 0x04a0 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:28:41.0201 0x04a0 LSI_SAS3i - ok
23:28:41.0216 0x04a0 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
23:28:41.0237 0x04a0 LSI_SSS - ok
23:28:41.0301 0x04a0 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
23:28:41.0338 0x04a0 LSM - ok
23:28:41.0370 0x04a0 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
23:28:41.0385 0x04a0 luafv - ok
23:28:41.0417 0x04a0 [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker C:\WINDOWS\System32\moshost.dll
23:28:41.0435 0x04a0 MapsBroker - ok
23:28:41.0470 0x04a0 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
23:28:41.0470 0x04a0 megasas - ok
23:28:41.0538 0x04a0 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
23:28:41.0554 0x04a0 megasr - ok
23:28:41.0616 0x04a0 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:28:41.0616 0x04a0 MessagingService - ok
23:28:41.0753 0x04a0 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:28:41.0800 0x04a0 mlx4_bus - ok
23:28:41.0838 0x04a0 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
23:28:41.0838 0x04a0 MMCSS - ok
23:28:41.0869 0x04a0 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
23:28:41.0869 0x04a0 Modem - ok
23:28:41.0900 0x04a0 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
23:28:41.0900 0x04a0 monitor - ok
23:28:41.0954 0x04a0 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
23:28:41.0954 0x04a0 mouclass - ok
23:28:41.0969 0x04a0 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
23:28:41.0985 0x04a0 mouhid - ok
23:28:42.0000 0x04a0 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
23:28:42.0016 0x04a0 mountmgr - ok
23:28:42.0038 0x04a0 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
23:28:42.0038 0x04a0 mpsdrv - ok
23:28:42.0135 0x04a0 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
23:28:42.0169 0x04a0 MpsSvc - ok
23:28:42.0216 0x04a0 [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
23:28:42.0238 0x04a0 MQAC - ok
23:28:42.0269 0x04a0 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
23:28:42.0284 0x04a0 MRxDAV - ok
23:28:42.0338 0x04a0 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:28:42.0369 0x04a0 mrxsmb - ok
23:28:42.0432 0x04a0 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:28:42.0438 0x04a0 mrxsmb10 - ok
23:28:42.0485 0x04a0 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:28:42.0500 0x04a0 mrxsmb20 - ok
23:28:42.0537 0x04a0 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
23:28:42.0538 0x04a0 MsBridge - ok
23:28:42.0585 0x04a0 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
23:28:42.0585 0x04a0 MSDTC - ok
23:28:42.0616 0x04a0 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:28:42.0633 0x04a0 Msfs - ok
23:28:42.0669 0x04a0 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:28:42.0669 0x04a0 msgpiowin32 - ok
23:28:42.0700 0x04a0 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:28:42.0700 0x04a0 mshidkmdf - ok
23:28:42.0716 0x04a0 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
23:28:42.0733 0x04a0 mshidumdf - ok
23:28:42.0753 0x04a0 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
23:28:42.0753 0x04a0 msisadrv - ok
23:28:42.0800 0x04a0 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
23:28:42.0800 0x04a0 MSiSCSI - ok
23:28:42.0816 0x04a0 msiserver - ok
23:28:42.0853 0x04a0 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
23:28:42.0853 0x04a0 MSKSSRV - ok
23:28:42.0900 0x04a0 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
23:28:42.0900 0x04a0 MsLldp - ok
23:28:42.0938 0x04a0 [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
23:28:42.0953 0x04a0 MSMQ - ok
23:28:42.0969 0x04a0 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
23:28:42.0969 0x04a0 MSPCLOCK - ok
23:28:42.0985 0x04a0 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
23:28:43.0000 0x04a0 MSPQM - ok
23:28:43.0053 0x04a0 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
23:28:43.0069 0x04a0 MsRPC - ok
23:28:43.0100 0x04a0 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
23:28:43.0100 0x04a0 mssmbios - ok
23:28:43.0116 0x04a0 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
23:28:43.0132 0x04a0 MSTEE - ok
23:28:43.0153 0x04a0 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
23:28:43.0153 0x04a0 MTConfig - ok
23:28:43.0185 0x04a0 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
23:28:43.0185 0x04a0 Mup - ok
23:28:43.0216 0x04a0 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
23:28:43.0233 0x04a0 mvumis - ok
23:28:43.0300 0x04a0 [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:28:43.0337 0x04a0 NativeWifiP - ok
23:28:43.0400 0x04a0 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
23:28:43.0416 0x04a0 NcaSvc - ok
23:28:43.0453 0x04a0 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
23:28:43.0469 0x04a0 NcbService - ok
23:28:43.0500 0x04a0 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
23:28:43.0515 0x04a0 NcdAutoSetup - ok
23:28:43.0553 0x04a0 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
23:28:43.0568 0x04a0 ndfltr - ok
23:28:43.0668 0x04a0 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
23:28:43.0737 0x04a0 NDIS - ok
23:28:43.0753 0x04a0 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
23:28:43.0768 0x04a0 NdisCap - ok
23:28:43.0800 0x04a0 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:28:43.0800 0x04a0 NdisImPlatform - ok
23:28:43.0834 0x04a0 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:28:43.0836 0x04a0 NdisTapi - ok
23:28:43.0868 0x04a0 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
23:28:43.0868 0x04a0 Ndisuio - ok
23:28:43.0900 0x04a0 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:28:43.0900 0x04a0 NdisVirtualBus - ok
23:28:43.0937 0x04a0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
23:28:43.0937 0x04a0 NdisWan - ok
23:28:43.0968 0x04a0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:28:43.0968 0x04a0 ndiswanlegacy - ok
23:28:43.0984 0x04a0 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
23:28:43.0999 0x04a0 ndproxy - ok
23:28:44.0068 0x04a0 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
23:28:44.0084 0x04a0 Ndu - ok
23:28:44.0139 0x04a0 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
23:28:44.0139 0x04a0 NetBIOS - ok
23:28:44.0186 0x04a0 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:28:44.0201 0x04a0 NetBT - ok
23:28:44.0217 0x04a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:28:44.0233 0x04a0 Netlogon - ok
23:28:44.0271 0x04a0 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
23:28:44.0302 0x04a0 Netman - ok
23:28:44.0355 0x04a0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0386 0x04a0 NetMsmqActivator - ok
23:28:44.0402 0x04a0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0417 0x04a0 NetPipeActivator - ok
23:28:44.0502 0x04a0 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
23:28:44.0534 0x04a0 netprofm - ok
23:28:44.0587 0x04a0 [ C5DEEC4F7ED591D1E322899ADC4EE45F, CA3BE40FA1216F77C6D5B9FD518378DB9561163BFDC90C8CB1C2C2EA4112B263 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
23:28:44.0602 0x04a0 NetSetupSvc - ok
23:28:44.0639 0x04a0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0639 0x04a0 NetTcpActivator - ok
23:28:44.0655 0x04a0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0671 0x04a0 NetTcpPortSharing - ok
23:28:44.0718 0x04a0 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
23:28:44.0739 0x04a0 NgcCtnrSvc - ok
23:28:44.0802 0x04a0 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
23:28:44.0839 0x04a0 NgcSvc - ok
23:28:44.0886 0x04a0 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
23:28:44.0918 0x04a0 NlaSvc - ok
23:28:44.0955 0x04a0 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:28:44.0971 0x04a0 Npfs - ok
23:28:45.0002 0x04a0 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
23:28:45.0002 0x04a0 npsvctrig - ok
23:28:45.0034 0x04a0 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
23:28:45.0039 0x04a0 nsi - ok
23:28:45.0055 0x04a0 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
23:28:45.0055 0x04a0 nsiproxy - ok
23:28:45.0239 0x04a0 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
23:28:45.0370 0x04a0 NTFS - ok
23:28:45.0402 0x04a0 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
23:28:45.0417 0x04a0 Null - ok
23:28:45.0439 0x04a0 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
23:28:45.0455 0x04a0 nvraid - ok
23:28:45.0470 0x04a0 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
23:28:45.0486 0x04a0 nvstor - ok
23:28:45.0502 0x04a0 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
23:28:45.0517 0x04a0 nv_agp - ok
23:28:45.0570 0x04a0 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
23:28:45.0586 0x04a0 OneSyncSvc - ok
23:28:46.0156 0x04a0 [ 15DBED67D72057BDCD24097654DA5406, CE3C9D4D6177331341A039772688E7263E4A7CCEE85BB0AEF00779EBB23958B1 ] OO DiskImage C:\Program Files\OO Software\DiskImage\oodiag.exe
23:28:46.0526 0x04a0 OO DiskImage - ok
23:28:46.0590 0x04a0 [ C7E08B48206F455B5310D65D7C8CB13D, A97BD308118426CAE4A1A82E85D79784756C432C36BFE02FFBD024CB7B053DED ] oodisr C:\WINDOWS\system32\DRIVERS\oodisr.sys
23:28:46.0590 0x04a0 oodisr - ok
23:28:46.0606 0x04a0 [ 73D909163F39E393412A1F0A215BD8F9, 751F69FC1447BE727C12F9C25AB6C5F723E3D33A0482EE7F9661DE14B3A57715 ] oodisrh C:\WINDOWS\system32\DRIVERS\oodisrh.sys
23:28:46.0606 0x04a0 oodisrh - ok
23:28:46.0655 0x04a0 [ 985A8117829ABEA8BFD83805150DFA4B, 8D3BB089B903B87E29F856A02A46719449FE846DF9E4E0EE23716F9795A5AE78 ] oodivd C:\WINDOWS\system32\DRIVERS\oodivd.sys
23:28:46.0659 0x04a0 oodivd - ok
23:28:46.0675 0x04a0 [ EF5A29EB82449817D6C671BA6EA3D489, 91AB3ECC9AF58489313F98D32D45C15CDCED29E107AC8C1EBB90DA93C2CF9495 ] oodivdh C:\WINDOWS\system32\DRIVERS\oodivdh.sys
23:28:46.0675 0x04a0 oodivdh - ok
23:28:46.0754 0x04a0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
23:28:46.0775 0x04a0 p2pimsvc - ok
23:28:46.0837 0x04a0 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
23:28:46.0859 0x04a0 p2psvc - ok
23:28:46.0937 0x04a0 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
23:28:46.0958 0x04a0 Parport - ok
23:28:46.0975 0x04a0 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
23:28:46.0990 0x04a0 partmgr - ok
23:28:47.0074 0x04a0 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
23:28:47.0106 0x04a0 PcaSvc - ok
23:28:47.0137 0x04a0 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
23:28:47.0159 0x04a0 pci - ok
23:28:47.0206 0x04a0 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
23:28:47.0206 0x04a0 pciide - ok
23:28:47.0222 0x04a0 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
23:28:47.0237 0x04a0 pcmcia - ok
23:28:47.0275 0x04a0 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
23:28:47.0275 0x04a0 pcw - ok
23:28:47.0290 0x04a0 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
23:28:47.0306 0x04a0 pdc - ok
23:28:47.0375 0x04a0 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
23:28:47.0422 0x04a0 PEAUTH - ok
23:28:47.0437 0x04a0 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
23:28:47.0437 0x04a0 percsas2i - ok
23:28:47.0459 0x04a0 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
23:28:47.0459 0x04a0 percsas3i - ok
23:28:47.0574 0x04a0 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
23:28:47.0574 0x04a0 PerfHost - ok
23:28:47.0674 0x04a0 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
23:28:47.0721 0x04a0 PhoneSvc - ok
23:28:47.0759 0x04a0 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
23:28:47.0774 0x04a0 PimIndexMaintenanceSvc - ok
23:28:47.0974 0x04a0 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
23:28:48.0058 0x04a0 pla - ok
23:28:48.0174 0x04a0 [ D1756AD36C8BC48728466E11FD7307B8, A229F406EFA65887E36F392329DBD9C377BEC70D6613EFE22A06FD402DCD9F4A ] PlaysService C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
23:28:48.0174 0x04a0 PlaysService - ok
23:28:48.0236 0x04a0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
23:28:48.0236 0x04a0 PlugPlay - ok
23:28:48.0274 0x04a0 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
23:28:48.0290 0x04a0 PNRPAutoReg - ok
23:28:48.0337 0x04a0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
23:28:48.0359 0x04a0 PNRPsvc - ok
23:28:48.0421 0x04a0 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
23:28:48.0455 0x04a0 PolicyAgent - ok
23:28:48.0490 0x04a0 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
23:28:48.0490 0x04a0 Power - ok
23:28:48.0537 0x04a0 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
23:28:48.0537 0x04a0 PptpMiniport - ok
23:28:48.0821 0x04a0 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:28:49.0065 0x04a0 PrintNotify - ok
23:28:49.0143 0x04a0 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
23:28:49.0149 0x04a0 Processor - ok
23:28:49.0196 0x04a0 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
23:28:49.0227 0x04a0 ProfSvc - ok
23:28:49.0264 0x04a0 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
23:28:49.0280 0x04a0 Psched - ok
23:28:49.0349 0x04a0 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
23:28:49.0364 0x04a0 QWAVE - ok
23:28:49.0380 0x04a0 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
23:28:49.0396 0x04a0 QWAVEdrv - ok
23:28:49.0427 0x04a0 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:28:49.0427 0x04a0 RasAcd - ok
23:28:49.0470 0x04a0 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
23:28:49.0470 0x04a0 RasAgileVpn - ok
23:28:49.0501 0x04a0 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:28:49.0517 0x04a0 RasAuto - ok
23:28:49.0548 0x04a0 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
23:28:49.0548 0x04a0 Rasl2tp - ok][/CODE]

Monstera 22.04.2016 23:08
und hier Teil 3.2
Code:
23:28:49.0627 0x04a0  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:28:49.0664 0x04a0  RasMan - ok
23:28:49.0695 0x04a0  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:28:49.0711 0x04a0  RasPppoe - ok
23:28:49.0727 0x04a0  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp        C:\WINDOWS\System32\drivers\rassstp.sys
23:28:49.0745 0x04a0  RasSstp - ok
23:28:49.0780 0x04a0  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:28:49.0811 0x04a0  rdbss - ok
23:28:49.0827 0x04a0  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
23:28:49.0827 0x04a0  rdpbus - ok
23:28:49.0874 0x04a0  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
23:28:49.0887 0x04a0  RDPDR - ok
23:28:49.0932 0x04a0  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
23:28:49.0937 0x04a0  RdpVideoMiniport - ok
23:28:50.0005 0x04a0  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
23:28:50.0019 0x04a0  rdyboost - ok
23:28:50.0095 0x04a0  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
23:28:50.0164 0x04a0  ReFSv1 - ok
23:28:50.0226 0x04a0  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:28:50.0264 0x04a0  RemoteAccess - ok
23:28:50.0311 0x04a0  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
23:28:50.0326 0x04a0  RemoteRegistry - ok
23:28:50.0442 0x04a0  [ 518A992A6700A86A47F79388F91737C0, 29B5D48F1E360714F9BCB26939AD49ED07F6D9C82E0DB5C9C6AF5B0BBFF04341 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
23:28:50.0495 0x04a0  RetailDemo - ok
23:28:50.0548 0x04a0  [ AEEF76F938188EBF27DF70C1806877F2, 08560C5DE13EBC46EE77F369E92B89350135D5E01A2AF61AA2EA46BEC41EEDD6 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
23:28:50.0548 0x04a0  RFCOMM - ok
23:28:50.0595 0x04a0  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
23:28:50.0610 0x04a0  RpcEptMapper - ok
23:28:50.0647 0x04a0  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:28:50.0647 0x04a0  RpcLocator - ok
23:28:50.0726 0x04a0  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
23:28:50.0779 0x04a0  RpcSs - ok
23:28:50.0844 0x04a0  [ C8173EAA7EDAC1DB9063139A5FD57BF4, 0BF33C42C03A870D95E2556AC37D0ADC42C848C57E7B087A4058829065A855AD ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
23:28:50.0848 0x04a0  RSP2STOR - ok
23:28:50.0895 0x04a0  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
23:28:50.0895 0x04a0  rspndr - ok
23:28:50.0958 0x04a0  [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
23:28:50.0990 0x04a0  rt640x64 - ok
23:28:51.0005 0x04a0  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
23:28:51.0005 0x04a0  s3cap - ok
23:28:51.0037 0x04a0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs          C:\WINDOWS\system32\lsass.exe
23:28:51.0043 0x04a0  SamSs - ok
23:28:51.0079 0x04a0  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
23:28:51.0079 0x04a0  sbp2port - ok
23:28:51.0144 0x04a0  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
23:28:51.0148 0x04a0  SCardSvr - ok
23:28:51.0195 0x04a0  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
23:28:51.0210 0x04a0  ScDeviceEnum - ok
23:28:51.0248 0x04a0  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
23:28:51.0248 0x04a0  scfilter - ok
23:28:51.0342 0x04a0  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:28:51.0395 0x04a0  Schedule - ok
23:28:51.0445 0x04a0  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
23:28:51.0448 0x04a0  SCPolicySvc - ok
23:28:51.0495 0x04a0  [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
23:28:51.0510 0x04a0  sdbus - ok
23:28:51.0564 0x04a0  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
23:28:51.0579 0x04a0  SDRSVC - ok
23:28:51.0610 0x04a0  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
23:28:51.0610 0x04a0  sdstor - ok
23:28:51.0664 0x04a0  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
23:28:51.0664 0x04a0  seclogon - ok
23:28:51.0710 0x04a0  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
23:28:51.0710 0x04a0  SENS - ok
23:28:51.0848 0x04a0  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
23:28:51.0910 0x04a0  SensorDataService - ok
23:28:51.0979 0x04a0  [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService  C:\WINDOWS\system32\SensorService.dll
23:28:51.0995 0x04a0  SensorService - ok
23:28:52.0026 0x04a0  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
23:28:52.0048 0x04a0  SensrSvc - ok
23:28:52.0095 0x04a0  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
23:28:52.0095 0x04a0  SerCx - ok
23:28:52.0148 0x04a0  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
23:28:52.0148 0x04a0  SerCx2 - ok
23:28:52.0180 0x04a0  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
23:28:52.0180 0x04a0  Serenum - ok
23:28:52.0227 0x04a0  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
23:28:52.0244 0x04a0  Serial - ok
23:28:52.0280 0x04a0  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
23:28:52.0280 0x04a0  sermouse - ok
23:28:52.0380 0x04a0  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
23:28:52.0395 0x04a0  SessionEnv - ok
23:28:52.0448 0x04a0  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
23:28:52.0448 0x04a0  sfloppy - ok
23:28:52.0511 0x04a0  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:28:52.0547 0x04a0  SharedAccess - ok
23:28:52.0595 0x04a0  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:28:52.0646 0x04a0  ShellHWDetection - ok
23:28:52.0680 0x04a0  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
23:28:52.0680 0x04a0  SiSRaid2 - ok
23:28:52.0711 0x04a0  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
23:28:52.0711 0x04a0  SiSRaid4 - ok
23:28:52.0795 0x04a0  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
23:28:52.0811 0x04a0  SkypeUpdate - ok
23:28:52.0879 0x04a0  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost        C:\WINDOWS\System32\smphost.dll
23:28:52.0879 0x04a0  smphost - ok
23:28:52.0948 0x04a0  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter      C:\WINDOWS\system32\SmsRouterSvc.dll
23:28:52.0979 0x04a0  SmsRouter - ok
23:28:53.0043 0x04a0  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
23:28:53.0048 0x04a0  SNMPTRAP - ok
23:28:53.0148 0x04a0  [ 9452D158D5947086D0077177EF44A54E, 06DC3B7D89213AE4EE2454EA7475B107DB5C3A279D577195D22785C878B06527 ] Soda PDF 3D Reader Helper Service C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
23:28:53.0210 0x04a0  Soda PDF 3D Reader Helper Service - ok
23:28:53.0263 0x04a0  [ A02ED0304D5A679224D7D1BDE1BE91ED, 4BE563CDFB6FFF4D949459A977DF1ABA6F31FA89CEC5F8ECF923AEB0E7C10FC6 ] Soda PDF 3D Reader Service C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe
23:28:53.0310 0x04a0  Soda PDF 3D Reader Service - ok
23:28:53.0379 0x04a0  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
23:28:53.0410 0x04a0  spaceport - ok
23:28:53.0426 0x04a0  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
23:28:53.0445 0x04a0  SpbCx - ok
23:28:53.0510 0x04a0  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler        C:\WINDOWS\System32\spoolsv.exe
23:28:53.0563 0x04a0  Spooler - ok
23:28:53.0694 0x1e30  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
23:28:53.0997 0x04a0  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
23:28:54.0320 0x04a0  sppsvc - ok
23:28:54.0377 0x04a0  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
23:28:54.0408 0x04a0  srv - ok
23:28:54.0455 0x04a0  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
23:28:54.0493 0x04a0  srv2 - ok
23:28:54.0555 0x04a0  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
23:28:54.0577 0x04a0  srvnet - ok
23:28:54.0640 0x04a0  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
23:28:54.0656 0x04a0  SSDPSRV - ok
23:28:54.0709 0x04a0  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
23:28:54.0724 0x04a0  SstpSvc - ok
23:28:54.0793 0x04a0  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
23:28:54.0809 0x04a0  ssudmdm - ok
23:28:55.0009 0x04a0  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
23:28:55.0140 0x04a0  StateRepository - ok
23:28:55.0209 0x04a0  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
23:28:55.0209 0x04a0  stexstor - ok
23:28:55.0293 0x04a0  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
23:28:55.0325 0x04a0  stisvc - ok
23:28:55.0356 0x04a0  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
23:28:55.0377 0x04a0  storahci - ok
23:28:55.0409 0x04a0  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt        C:\WINDOWS\system32\drivers\vmstorfl.sys
23:28:55.0409 0x04a0  storflt - ok
23:28:55.0440 0x04a0  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
23:28:55.0440 0x04a0  stornvme - ok
23:28:55.0478 0x04a0  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
23:28:55.0478 0x04a0  storqosflt - ok
23:28:55.0556 0x04a0  [ E5C3042B68D4EA89B3C52E150E553DA0, 83428E8EFC584778745F6B30F6F8FD96A645AD33F39AA955E97F9A0D458847B1 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
23:28:55.0593 0x04a0  StorSvc - ok
23:28:55.0625 0x04a0  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs        C:\WINDOWS\system32\drivers\storufs.sys
23:28:55.0625 0x04a0  storufs - ok
23:28:55.0640 0x04a0  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
23:28:55.0656 0x04a0  storvsc - ok
23:28:55.0693 0x04a0  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc          C:\WINDOWS\system32\svsvc.dll
23:28:55.0693 0x04a0  svsvc - ok
23:28:55.0725 0x04a0  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
23:28:55.0725 0x04a0  swenum - ok
23:28:55.0778 0x04a0  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv          C:\WINDOWS\System32\swprv.dll
23:28:55.0809 0x04a0  swprv - ok
23:28:55.0840 0x04a0  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
23:28:55.0856 0x04a0  Synth3dVsc - ok
23:28:55.0909 0x04a0  [ 3F45C3FE208CA5E68832B65C597A35A6, EACE9AAFC01C2BA52F4DA129AEF7BFA3CF7F10146E4F4330CD344BFC39DC959C ] SynTP          C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:28:55.0925 0x04a0  SynTP - ok
23:28:56.0040 0x04a0  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain        C:\WINDOWS\system32\sysmain.dll
23:28:56.0093 0x04a0  SysMain - ok
23:28:56.0156 0x04a0  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
23:28:56.0178 0x04a0  SystemEventsBroker - ok
23:28:56.0224 0x04a0  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
23:28:56.0240 0x04a0  TabletInputService - ok
23:28:56.0277 0x04a0  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
23:28:56.0293 0x04a0  TapiSrv - ok
23:28:56.0324 0x1e30  Object send P2P result: true
23:28:56.0356 0x1e30  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
23:28:56.0474 0x04a0  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
23:28:56.0589 0x04a0  Tcpip - ok
23:28:56.0806 0x04a0  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
23:28:56.0924 0x04a0  Tcpip6 - ok
23:28:56.0958 0x04a0  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
23:28:56.0958 0x04a0  tcpipreg - ok
23:28:57.0020 0x04a0  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
23:28:57.0020 0x04a0  tdx - ok
23:28:57.0074 0x04a0  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
23:28:57.0074 0x04a0  terminpt - ok
23:28:57.0174 0x04a0  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService    C:\WINDOWS\System32\termsrv.dll
23:28:57.0236 0x04a0  TermService - ok
23:28:57.0258 0x04a0  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
23:28:57.0258 0x04a0  Themes - ok
23:28:57.0320 0x04a0  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
23:28:57.0336 0x04a0  TieringEngineService - ok
23:28:57.0405 0x04a0  [ 62300878366762EABAC7834543964A6E, 84E3DE6C93B31CBA71BA90669EB52C3122774E0EF803390EE8A483164D2CFE18 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
23:28:57.0436 0x04a0  tiledatamodelsvc - ok
23:28:57.0473 0x04a0  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
23:28:57.0489 0x04a0  TimeBroker - ok
23:28:57.0536 0x04a0  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM            C:\WINDOWS\System32\drivers\tpm.sys
23:28:57.0558 0x04a0  TPM - ok
23:28:57.0605 0x04a0  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
23:28:57.0605 0x04a0  TrkWks - ok
23:28:57.0674 0x04a0  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
23:28:57.0690 0x04a0  TrustedInstaller - ok
23:28:57.0721 0x04a0  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
23:28:57.0721 0x04a0  tsusbflt - ok
23:28:57.0755 0x04a0  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
23:28:57.0758 0x04a0  TsUsbGD - ok
23:28:57.0805 0x04a0  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
23:28:57.0805 0x04a0  tunnel - ok
23:28:57.0858 0x04a0  [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
23:28:57.0874 0x04a0  tzautoupdate - ok
23:28:57.0890 0x04a0  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
23:28:57.0890 0x04a0  uagp35 - ok
23:28:57.0937 0x04a0  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
23:28:57.0937 0x04a0  UASPStor - ok
23:28:57.0974 0x04a0  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101      C:\WINDOWS\system32\Drivers\UcmCx.sys
23:28:57.0974 0x04a0  UcmCx0101 - ok
23:28:58.0005 0x04a0  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi        C:\WINDOWS\System32\drivers\UcmUcsi.sys
23:28:58.0005 0x04a0  UcmUcsi - ok
23:28:58.0037 0x04a0  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
23:28:58.0058 0x04a0  Ucx01000 - ok
23:28:58.0074 0x04a0  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx          C:\WINDOWS\system32\drivers\udecx.sys
23:28:58.0074 0x04a0  UdeCx - ok
23:28:58.0137 0x04a0  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
23:28:58.0158 0x04a0  udfs - ok
23:28:58.0174 0x04a0  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
23:28:58.0190 0x04a0  UEFI - ok
23:28:58.0236 0x04a0  [ 28B8E1C6CBCF9FFE2FABFF3160C26ADF, 1C90E6C4E17C9B5555151943970BB6CC196E7EFC6665D9B9DCBB1EC51C70C715 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
23:28:58.0255 0x04a0  Ufx01000 - ok
23:28:58.0274 0x04a0  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea    C:\WINDOWS\System32\drivers\UfxChipidea.sys
23:28:58.0274 0x04a0  UfxChipidea - ok
23:28:58.0321 0x04a0  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys    C:\WINDOWS\System32\drivers\ufxsynopsys.sys
23:28:58.0336 0x04a0  ufxsynopsys - ok
23:28:58.0389 0x04a0  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
23:28:58.0389 0x04a0  UI0Detect - ok
23:28:58.0421 0x04a0  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
23:28:58.0421 0x04a0  uliagpkx - ok
23:28:58.0458 0x04a0  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
23:28:58.0458 0x04a0  umbus - ok
23:28:58.0474 0x04a0  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
23:28:58.0490 0x04a0  UmPass - ok
23:28:58.0521 0x04a0  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
23:28:58.0553 0x04a0  UmRdpService - ok
23:28:58.0658 0x04a0  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc    C:\WINDOWS\System32\unistore.dll
23:28:58.0720 0x04a0  UnistoreSvc - ok
23:28:58.0820 0x04a0  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:28:58.0855 0x04a0  upnphost - ok
23:28:58.0858 0x1e30  Object send P2P result: true
23:28:58.0858 0x1e30  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
23:28:58.0889 0x04a0  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea    C:\WINDOWS\System32\drivers\urschipidea.sys
23:28:58.0889 0x04a0  UrsChipidea - ok
23:28:58.0921 0x04a0  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
23:28:58.0921 0x04a0  UrsCx01000 - ok
23:28:58.0936 0x04a0  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys    C:\WINDOWS\System32\drivers\urssynopsys.sys
23:28:58.0954 0x04a0  UrsSynopsys - ok
23:28:58.0973 0x04a0  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
23:28:58.0989 0x04a0  usbccgp - ok
23:28:59.0021 0x04a0  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
23:28:59.0021 0x04a0  usbcir - ok
23:28:59.0073 0x04a0  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
23:28:59.0073 0x04a0  usbehci - ok
23:28:59.0120 0x04a0  [ 33A58C5630200E17B51C8D73DD64181B, 75707B7E5CE686119CA430944477C9A6DBD5AA4211FDDECFF0986EACA65975B3 ] usbfilter      C:\WINDOWS\system32\DRIVERS\usbfilter.sys
23:28:59.0120 0x04a0  usbfilter - ok
23:28:59.0189 0x04a0  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
23:28:59.0220 0x04a0  usbhub - ok
23:28:59.0273 0x04a0  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
23:28:59.0305 0x04a0  USBHUB3 - ok
23:28:59.0357 0x04a0  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
23:28:59.0358 0x04a0  usbohci - ok
23:28:59.0374 0x04a0  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
23:28:59.0374 0x04a0  usbprint - ok
23:28:59.0421 0x04a0  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
23:28:59.0421 0x04a0  usbser - ok
23:28:59.0458 0x04a0  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
23:28:59.0458 0x04a0  USBSTOR - ok
23:28:59.0505 0x04a0  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
23:28:59.0505 0x04a0  usbuhci - ok
23:28:59.0558 0x04a0  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
23:28:59.0574 0x04a0  usbvideo - ok
23:28:59.0636 0x04a0  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
23:28:59.0659 0x04a0  USBXHCI - ok
23:28:59.0790 0x04a0  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc    C:\WINDOWS\System32\userdataservice.dll
23:28:59.0868 0x04a0  UserDataSvc - ok
23:28:59.0994 0x04a0  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager    C:\WINDOWS\System32\usermgr.dll
23:29:00.0044 0x04a0  UserManager - ok
23:29:00.0100 0x04a0  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
23:29:00.0131 0x04a0  UsoSvc - ok
23:29:00.0147 0x04a0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
23:29:00.0166 0x04a0  VaultSvc - ok
23:29:00.0200 0x04a0  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
23:29:00.0200 0x04a0  vdrvroot - ok
23:29:00.0284 0x04a0  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds            C:\WINDOWS\System32\vds.exe
23:29:00.0315 0x04a0  vds - ok
23:29:00.0363 0x04a0  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
23:29:00.0368 0x04a0  VerifierExt - ok
23:29:00.0431 0x04a0  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
23:29:00.0468 0x04a0  vhdmp - ok
23:29:00.0500 0x04a0  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf            C:\WINDOWS\System32\drivers\vhf.sys
23:29:00.0500 0x04a0  vhf - ok
23:29:00.0531 0x04a0  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
23:29:00.0531 0x04a0  vmbus - ok
23:29:00.0547 0x04a0  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
23:29:00.0562 0x04a0  VMBusHID - ok
23:29:00.0615 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
23:29:00.0646 0x04a0  vmicguestinterface - ok
23:29:00.0699 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat  C:\WINDOWS\System32\ICSvc.dll
23:29:00.0731 0x04a0  vmicheartbeat - ok
23:29:00.0784 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
23:29:00.0799 0x04a0  vmickvpexchange - ok
23:29:00.0863 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv        C:\WINDOWS\System32\ICSvc.dll
23:29:00.0884 0x04a0  vmicrdv - ok
23:29:00.0931 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
23:29:00.0968 0x04a0  vmicshutdown - ok
23:29:01.0015 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
23:29:01.0031 0x04a0  vmictimesync - ok
23:29:01.0084 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession  C:\WINDOWS\System32\ICSvc.dll
23:29:01.0115 0x04a0  vmicvmsession - ok
23:29:01.0168 0x04a0  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss        C:\WINDOWS\System32\ICSvc.dll
23:29:01.0199 0x04a0  vmicvss - ok
23:29:01.0231 0x04a0  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
23:29:01.0246 0x04a0  volmgr - ok
23:29:01.0283 0x04a0  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
23:29:01.0315 0x04a0  volmgrx - ok
23:29:01.0330 0x1e30  Object send P2P result: true
23:29:01.0346 0x1e30  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
23:29:01.0363 0x04a0  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
23:29:01.0383 0x04a0  volsnap - ok
23:29:01.0399 0x04a0  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
23:29:01.0415 0x04a0  vpci - ok
23:29:01.0446 0x04a0  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
23:29:01.0446 0x04a0  vsmraid - ok
23:29:01.0583 0x04a0  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS            C:\WINDOWS\system32\vssvc.exe
23:29:01.0646 0x04a0  VSS - ok
23:29:01.0683 0x04a0  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
23:29:01.0714 0x04a0  VSTXRAID - ok
23:29:01.0746 0x04a0  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
23:29:01.0746 0x04a0  vwifibus - ok
23:29:01.0767 0x04a0  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
23:29:01.0767 0x04a0  vwififlt - ok
23:29:01.0799 0x04a0  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp        C:\WINDOWS\System32\drivers\vwifimp.sys
23:29:01.0799 0x04a0  vwifimp - ok
23:29:01.0868 0x04a0  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time        C:\WINDOWS\system32\w32time.dll
23:29:01.0899 0x04a0  W32Time - ok
23:29:01.0984 0x04a0  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
23:29:02.0000 0x04a0  w3logsvc - ok
23:29:02.0084 0x04a0  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC          C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:29:02.0116 0x04a0  W3SVC - ok
23:29:02.0147 0x04a0  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
23:29:02.0147 0x04a0  WacomPen - ok
23:29:02.0200 0x04a0  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService  C:\WINDOWS\system32\WalletService.dll
23:29:02.0231 0x04a0  WalletService - ok
23:29:02.0266 0x04a0  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:29:02.0269 0x04a0  wanarp - ok
23:29:02.0285 0x04a0  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:29:02.0285 0x04a0  wanarpv6 - ok
23:29:02.0347 0x04a0  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS            C:\WINDOWS\system32\inetsrv\iisw3adm.dll
23:29:02.0369 0x04a0  WAS - ok
23:29:02.0500 0x04a0  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
23:29:02.0584 0x04a0  wbengine - ok
23:29:02.0668 0x04a0  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
23:29:02.0700 0x04a0  WbioSrvc - ok
23:29:02.0769 0x04a0  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
23:29:02.0800 0x04a0  Wcmsvc - ok
23:29:02.0868 0x04a0  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
23:29:02.0900 0x04a0  wcncsvc - ok
23:29:02.0915 0x04a0  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
23:29:02.0931 0x04a0  WcsPlugInService - ok
23:29:02.0968 0x04a0  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
23:29:02.0968 0x04a0  WdBoot - ok
23:29:03.0068 0x04a0  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
23:29:03.0100 0x04a0  Wdf01000 - ok
23:29:03.0147 0x04a0  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
23:29:03.0165 0x04a0  WdFilter - ok
23:29:03.0215 0x04a0  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
23:29:03.0215 0x04a0  WdiServiceHost - ok
23:29:03.0231 0x04a0  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
23:29:03.0246 0x04a0  WdiSystemHost - ok
23:29:03.0331 0x04a0  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi        C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
23:29:03.0367 0x04a0  wdiwifi - ok
23:29:03.0415 0x04a0  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
23:29:03.0415 0x04a0  WdNisDrv - ok
23:29:03.0462 0x04a0  WdNisSvc - ok
23:29:03.0515 0x04a0  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient      C:\WINDOWS\System32\webclnt.dll
23:29:03.0531 0x04a0  WebClient - ok
23:29:03.0568 0x04a0  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
23:29:03.0584 0x04a0  Wecsvc - ok
23:29:03.0615 0x04a0  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
23:29:03.0615 0x04a0  WEPHOSTSVC - ok
23:29:03.0646 0x04a0  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
23:29:03.0667 0x04a0  wercplsupport - ok
23:29:03.0699 0x04a0  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
23:29:03.0715 0x04a0  WerSvc - ok
23:29:03.0730 0x04a0  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS        C:\WINDOWS\system32\drivers\wfplwfs.sys
23:29:03.0746 0x04a0  WFPLWFS - ok
23:29:03.0768 0x04a0  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
23:29:03.0783 0x04a0  WiaRpc - ok
23:29:03.0783 0x1e30  Object send P2P result: true
23:29:03.0799 0x1e30  Object required for P2P: [ 15DBED67D72057BDCD24097654DA5406 ] OO DiskImage
23:29:03.0830 0x04a0  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
23:29:03.0830 0x04a0  WIMMount - ok
23:29:03.0846 0x04a0  WinDefend - ok
23:29:03.0899 0x04a0  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
23:29:03.0915 0x04a0  WindowsTrustedRT - ok
23:29:03.0946 0x04a0  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
23:29:03.0963 0x04a0  WindowsTrustedRTProxy - ok
23:29:04.0046 0x04a0  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
23:29:04.0099 0x04a0  WinHttpAutoProxySvc - ok
23:29:04.0146 0x04a0  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
23:29:04.0146 0x04a0  WinMad - ok
23:29:04.0246 0x04a0  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
23:29:04.0266 0x04a0  Winmgmt - ok
23:29:04.0483 0x04a0  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
23:29:04.0627 0x04a0  WinRM - ok
23:29:04.0690 0x04a0  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
23:29:04.0690 0x04a0  WINUSB - ok
23:29:04.0728 0x04a0  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
23:29:04.0728 0x04a0  WinVerbs - ok
23:29:04.0759 0x04a0  [ D8F041E03B5D68BC98457F55A18F4997, 55B817FB2CC914224FC897C0B1D76930FB454902F40F10595350BCBA6FB41F7E ] WirelessButtonDriver64 C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
23:29:04.0759 0x04a0  WirelessButtonDriver64 - ok
23:29:04.0927 0x04a0  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
23:29:05.0043 0x04a0  WlanSvc - ok
23:29:05.0190 0x04a0  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
23:29:05.0305 0x04a0  wlidsvc - ok
23:29:05.0343 0x04a0  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
23:29:05.0343 0x04a0  WmiAcpi - ok
23:29:05.0405 0x04a0  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
23:29:05.0426 0x04a0  wmiApSrv - ok
23:29:05.0474 0x04a0  WMPNetworkSvc - ok
23:29:05.0527 0x04a0  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
23:29:05.0527 0x04a0  Wof - ok
23:29:05.0705 0x04a0  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
23:29:05.0816 0x04a0  workfolderssvc - ok
23:29:05.0857 0x04a0  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
23:29:05.0873 0x04a0  wpcfltr - ok
23:29:05.0904 0x04a0  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
23:29:05.0919 0x04a0  WPDBusEnum - ok
23:29:05.0935 0x04a0  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
23:29:05.0935 0x04a0  WpdUpFltr - ok
23:29:05.0972 0x04a0  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
23:29:05.0988 0x04a0  WpnService - ok
23:29:06.0004 0x04a0  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
23:29:06.0019 0x04a0  ws2ifsl - ok
23:29:06.0057 0x04a0  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
23:29:06.0072 0x04a0  wscsvc - ok
23:29:06.0104 0x04a0  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
23:29:06.0104 0x04a0  WSDPrintDevice - ok
23:29:06.0157 0x04a0  [ 3A3294E2E5CBFC51999180C06051DDE9, 2EEE0A5BEBB366E4C12245E8175685CF2173E260B482A8EEB7F8255BA43C6CE3 ] WSDScan        C:\WINDOWS\system32\DRIVERS\WSDScan.sys
23:29:06.0157 0x04a0  WSDScan - ok
23:29:06.0172 0x04a0  WSearch - ok
23:29:06.0357 0x1e30  Object send P2P result: true
23:29:06.0419 0x04a0  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService      C:\WINDOWS\System32\WSService.dll
23:29:06.0588 0x04a0  WSService - ok
23:29:06.0777 0x04a0  [ 3D0DE8170ECCEC20CBF205D79C535BA1, 9249A420B9024AB3B18D7E4DAC20E2080E0759C620F46D37D467DC25A77F2025 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
23:29:06.0893 0x04a0  wuauserv - ok
23:29:06.0964 0x04a0  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
23:29:06.0964 0x04a0  WudfPf - ok
23:29:06.0996 0x04a0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
23:29:07.0011 0x04a0  WUDFRd - ok
23:29:07.0065 0x04a0  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
23:29:07.0065 0x04a0  wudfsvc - ok
23:29:07.0096 0x04a0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:29:07.0112 0x04a0  WUDFWpdFs - ok
23:29:07.0127 0x04a0  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
23:29:07.0143 0x04a0  WUDFWpdMtp - ok
23:29:07.0243 0x04a0  [ 7F7591CCC146EC7D9EB77C1277D605F4, 80D6D45BD3C3C7F79BFA98B864CBFA443245416ED64C0BC16E9E7C8C5E958AFB ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
23:29:07.0311 0x04a0  WwanSvc - ok
23:29:07.0412 0x04a0  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
23:29:07.0464 0x04a0  XblAuthManager - ok
23:29:07.0564 0x04a0  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave    C:\WINDOWS\System32\XblGameSave.dll
23:29:07.0627 0x04a0  XblGameSave - ok
23:29:07.0680 0x04a0  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip        C:\WINDOWS\System32\drivers\xboxgip.sys
23:29:07.0695 0x04a0  xboxgip - ok
23:29:07.0796 0x04a0  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc  C:\WINDOWS\system32\XboxNetApiSvc.dll
23:29:07.0861 0x04a0  XboxNetApiSvc - ok
23:29:07.0896 0x04a0  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid      C:\WINDOWS\System32\drivers\xinputhid.sys
23:29:07.0896 0x04a0  xinputhid - ok
23:29:07.0896 0x04a0  ================ Scan global ===============================
23:29:07.0962 0x04a0  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
23:29:07.0996 0x04a0  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
23:29:08.0043 0x04a0  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
23:29:08.0096 0x04a0  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
23:29:08.0127 0x04a0  [ Global ] - ok
23:29:08.0127 0x04a0  ================ Scan MBR ==================================
23:29:08.0143 0x04a0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
23:29:08.0196 0x04a0  \Device\Harddisk0\DR0 - ok
23:29:08.0196 0x04a0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
23:29:08.0227 0x04a0  \Device\Harddisk1\DR1 - ok
23:29:08.0243 0x04a0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
23:29:08.0265 0x04a0  \Device\Harddisk1\DR1 - ok
23:29:08.0265 0x04a0  ================ Scan VBR ==================================
23:29:08.0296 0x04a0  [ BA5DEE289D5E77E31A449AC1B8EC069A ] \Device\Harddisk0\DR0\Partition1
23:29:08.0312 0x04a0  \Device\Harddisk0\DR0\Partition1 - ok
23:29:08.0327 0x04a0  [ D05ED8AA2F79CD81952BD8A0D2012F12 ] \Device\Harddisk0\DR0\Partition2
23:29:08.0327 0x04a0  \Device\Harddisk0\DR0\Partition2 - ok
23:29:08.0343 0x04a0  [ 35710DD8CDD975D1247F2F4FCEBE3F8B ] \Device\Harddisk0\DR0\Partition3
23:29:08.0361 0x04a0  \Device\Harddisk0\DR0\Partition3 - ok
23:29:08.0396 0x04a0  [ B245279672C6E0FAFF2CEC844D9F96B5 ] \Device\Harddisk0\DR0\Partition4
23:29:08.0411 0x04a0  \Device\Harddisk0\DR0\Partition4 - ok
23:29:08.0411 0x04a0  [ 1EAC87C7AC4A5779184065E83B35F19C ] \Device\Harddisk1\DR1\Partition1
23:29:08.0496 0x04a0  \Device\Harddisk1\DR1\Partition1 - ok
23:29:08.0496 0x04a0  [ 45B1DDFA2E8C5CE9D9CF35A76BE861D8 ] \Device\Harddisk1\DR1\Partition2
23:29:08.0542 0x04a0  \Device\Harddisk1\DR1\Partition2 - ok
23:29:08.0560 0x04a0  [ 1EAC87C7AC4A5779184065E83B35F19C ] \Device\Harddisk1\DR1\Partition1
23:29:08.0565 0x04a0  \Device\Harddisk1\DR1\Partition1 - ok
23:29:08.0580 0x04a0  [ 45B1DDFA2E8C5CE9D9CF35A76BE861D8 ] \Device\Harddisk1\DR1\Partition2
23:29:08.0596 0x04a0  \Device\Harddisk1\DR1\Partition2 - ok
23:29:08.0596 0x04a0  ================ Scan generic autorun ======================
23:29:09.0108 0x04a0  [ 5E33CC7624E93546C5CEC36EA690E6A1, D67C59EE75198D0D85FAD7686F24671D3C61D03F30D1FF93DD7ED1BC7675320F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
23:29:09.0412 0x04a0  RTHDVCPL - ok
23:29:09.0427 0x04a0  SynTPEnh - ok
23:29:09.0864 0x04a0  [ 4D5631C9BB1128A575FFD6D050044A54, 16021FD864B7D005C4A2F061CA146DFE1579812568E83F6FB737C373DE2A8196 ] C:\Program Files\OO Software\DiskImage\ooditray.exe
23:29:10.0148 0x04a0  OODITRAY.EXE - ok
23:29:10.0332 0x04a0  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Program Files\Everything\Everything.exe
23:29:10.0401 0x04a0  Everything - ok
23:29:10.0521 0x04a0  [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
23:29:10.0568 0x04a0  StartCCC - ok
23:29:10.0621 0x04a0  [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe
23:29:10.0653 0x04a0  QuickTime Task - ok
23:29:10.0737 0x04a0  [ 163E43BC69AE78F468024EC2133C94A8, 782C79FA3A841FDC4F549A212E07C3B8397E1FBEE44833C0662FC7E43EA24997 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
23:29:10.0768 0x04a0  SunJavaUpdateSched - ok
23:29:10.0822 0x04a0  [ DB1F1F5F957A9A6FBB51A4CF8322C085, A618EDB132D4A19D159601D8F167472245A546D88B7C3E55FF79ED6A2EDE0690 ] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
23:29:10.0837 0x04a0  PlaysTV - ok
23:29:10.0869 0x04a0  [ 2D43D1A4913FDA91D2932BABE95BACD9, 9B9F6A0DA49D73971F4EABC04E34F466B4E8D6A34CFE7A518878E740DA92198C ] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe
23:29:10.0869 0x04a0  Raptr - ok
23:29:11.0456 0x04a0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:29:11.0907 0x04a0  OneDriveSetup - ok
23:29:12.0427 0x04a0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:29:12.0796 0x04a0  OneDriveSetup - ok
23:29:13.0027 0x04a0  [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
23:29:13.0078 0x04a0  OneDrive - ok
23:29:13.0180 0x04a0  [ C29061010881C9174CD45C24E33C56D2, D54BD088047CEE35CEDCDFC330321B84AA0583680C6814C8ECB91B8B75965E90 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:29:13.0227 0x04a0  F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run - ok
23:29:13.0276 0x04a0  Skype - ok
23:29:13.0376 0x04a0  [ B4817555F33628AC7313A634D723E535, E42740530040555881CA35125A1CA5DE40DE7A2EFD3E8F9E42ED7BE691FF97AB ] C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
23:29:13.0411 0x04a0  AntiBrowserSpy - BrowserMask - ok
23:29:13.0895 0x04a0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:29:14.0261 0x04a0  OneDriveSetup - ok
23:29:14.0361 0x04a0  [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
23:29:14.0399 0x04a0  WAB Migrate - ok
23:29:14.0914 0x04a0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
23:29:15.0275 0x04a0  OneDriveSetup - ok
23:29:15.0304 0x04a0  Waiting for KSN requests completion. In queue: 215
23:29:16.0317 0x04a0  Waiting for KSN requests completion. In queue: 215
23:29:17.0319 0x04a0  Waiting for KSN requests completion. In queue: 215
23:29:17.0834 0x1c3c  Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
23:29:18.0324 0x04a0  Waiting for KSN requests completion. In queue: 184
23:29:19.0328 0x04a0  Waiting for KSN requests completion. In queue: 184
23:29:20.0334 0x04a0  Waiting for KSN requests completion. In queue: 184
23:29:20.0372 0x1c3c  Object send P2P result: true
23:29:20.0387 0x1c3c  Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
23:29:21.0344 0x04a0  Waiting for KSN requests completion. In queue: 162
23:29:22.0345 0x04a0  Waiting for KSN requests completion. In queue: 162
23:29:22.0847 0x1c3c  Object send P2P result: true
23:29:22.0878 0x1c3c  Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
23:29:23.0359 0x04a0  Waiting for KSN requests completion. In queue: 84
23:29:24.0359 0x04a0  Waiting for KSN requests completion. In queue: 84
23:29:25.0346 0x1c3c  Object send P2P result: true
23:29:25.0362 0x04a0  Waiting for KSN requests completion. In queue: 45
23:29:25.0377 0x1c3c  Object required for P2P: [ 4D5631C9BB1128A575FFD6D050044A54 ] C:\Program Files\OO Software\DiskImage\ooditray.exe
23:29:26.0377 0x04a0  Waiting for KSN requests completion. In queue: 14
23:29:27.0389 0x04a0  Waiting for KSN requests completion. In queue: 14
23:29:27.0905 0x1c3c  Object send P2P result: true
23:29:27.0905 0x1c3c  Object required for P2P: [ C29061010881C9174CD45C24E33C56D2 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
23:29:28.0401 0x04a0  Waiting for KSN requests completion. In queue: 3
23:29:29.0416 0x04a0  Waiting for KSN requests completion. In queue: 3
23:29:30.0404 0x1c3c  Object send P2P result: true
23:29:30.0404 0x1c3c  Object required for P2P: [ B4817555F33628AC7313A634D723E535 ] C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
23:29:30.0420 0x04a0  Waiting for KSN requests completion. In queue: 2
23:29:31.0432 0x04a0  Waiting for KSN requests completion. In queue: 2
23:29:32.0438 0x04a0  Waiting for KSN requests completion. In queue: 2
23:29:32.0871 0x1c3c  Object send P2P result: true
23:29:33.0490 0x04a0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
23:29:33.0528 0x04a0  Win FW state via NFP2: enabled ( trusted )
23:29:35.0950 0x04a0  ============================================================
23:29:35.0950 0x04a0  Scan finished
23:29:35.0950 0x04a0  ============================================================
23:29:35.0987 0x1c50  Detected object count: 0
23:29:35.0987 0x1c50  Actual detected object count: 0
23:30:11.0032 0x1f5c  Deinitialize success
Gruß Monsterta

Monstera 22.04.2016 23:14
Sorry beim teil 3.1 ist wohl was schiefgelaufen noch ein Versuch
Code:
23:27:57.0971 0x1e2c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:27:57.0979 0x1e2c  UEFI system
23:28:08.0607 0x1e2c  ============================================================
23:28:08.0607 0x1e2c  Current date / time: 2016/04/22 23:28:08.0607
23:28:08.0607 0x1e2c  SystemInfo:
23:28:08.0622 0x1e2c 
23:28:08.0622 0x1e2c  OS Version: 10.0.10586 ServicePack: 0.0
23:28:08.0622 0x1e2c  Product type: Workstation
23:28:08.0622 0x1e2c  ComputerName: PC-PC
23:28:08.0622 0x1e2c  UserName: PC
23:28:08.0622 0x1e2c  Windows directory: C:\WINDOWS
23:28:08.0622 0x1e2c  System windows directory: C:\WINDOWS
23:28:08.0622 0x1e2c  Running under WOW64
23:28:08.0622 0x1e2c  Processor architecture: Intel x64
23:28:08.0622 0x1e2c  Number of processors: 2
23:28:08.0622 0x1e2c  Page size: 0x1000
23:28:08.0622 0x1e2c  Boot type: Normal boot
23:28:08.0622 0x1e2c  ============================================================
23:28:08.0906 0x1e2c  KLMD registered as C:\WINDOWS\system32\drivers\43680280.sys
23:28:11.0182 0x1e2c  System UUID: {7799F892-583E-DB2E-BCDF-39D8C9B1A6D6}
23:28:12.0671 0x1e2c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:28:12.0718 0x1e2c  Drive \Device\Harddisk1\DR1 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:28:12.0718 0x1e2c  Drive \Device\Harddisk1\DR1 - Size: 0xE8DED00000 ( 931.48 Gb ), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:28:12.0734 0x1e2c  ============================================================
23:28:12.0734 0x1e2c  \Device\Harddisk0\DR0:
23:28:12.0734 0x1e2c  GPT partitions:
23:28:12.0734 0x1e2c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {90B1E62B-92E5-4DE3-B197-03F1C83F8C82}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
23:28:12.0734 0x1e2c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {5C349ACA-CDA2-435B-BA62-CDA6C3702C7C}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
23:28:12.0734 0x1e2c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2D1A72D7-E47F-4184-8F4D-69A070F223C0}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3A223E7E
23:28:12.0734 0x1e2c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {044F7BEB-0DAA-4746-B3EB-E93053B24917}, Name: , StartLBA 0x3A296800, BlocksNum 0xEF800
23:28:12.0734 0x1e2c  MBR partitions:
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1:
23:28:12.0734 0x1e2c  MBR partitions:
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6D1C6000
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6D1C6800, BlocksNum 0x752F000
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1:
23:28:12.0734 0x1e2c  MBR partitions:
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6D1C6000
23:28:12.0734 0x1e2c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6D1C6800, BlocksNum 0x752F000
23:28:12.0734 0x1e2c  ============================================================
23:28:12.0765 0x1e2c  C: <-> \Device\Harddisk0\DR0\Partition3
23:28:12.0834 0x1e2c  E: <-> \Device\Harddisk1\DR1\Partition2
23:28:12.0888 0x1e2c  F: <-> \Device\Harddisk1\DR1\Partition1
23:28:12.0888 0x1e2c  ============================================================
23:28:12.0888 0x1e2c  Initialize success
23:28:12.0888 0x1e2c  ============================================================
23:28:19.0982 0x04a0  ============================================================
23:28:19.0982 0x04a0  Scan started
23:28:19.0982 0x04a0  Mode: Manual;
23:28:19.0982 0x04a0  ============================================================
23:28:19.0982 0x04a0  KSN ping started
23:28:22.0400 0x04a0  KSN ping finished: true
23:28:25.0694 0x04a0  ================ Scan system memory ========================
23:28:25.0695 0x04a0  System memory - ok
23:28:25.0697 0x04a0  ================ Scan services =============================
23:28:25.0957 0x04a0  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
23:28:25.0961 0x04a0  1394ohci - ok
23:28:26.0008 0x04a0  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
23:28:26.0008 0x04a0  3ware - ok
23:28:26.0077 0x04a0  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
23:28:26.0108 0x04a0  ACPI - ok
23:28:26.0157 0x04a0  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
23:28:26.0161 0x04a0  acpiex - ok
23:28:26.0177 0x04a0  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
23:28:26.0177 0x04a0  acpipagr - ok
23:28:26.0223 0x04a0  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
23:28:26.0223 0x04a0  AcpiPmi - ok
23:28:26.0239 0x04a0  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
23:28:26.0239 0x04a0  acpitime - ok
23:28:26.0339 0x04a0  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:28:26.0339 0x04a0  Adobe LM Service - ok
23:28:26.0461 0x04a0  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
23:28:26.0523 0x04a0  ADP80XX - ok
23:28:26.0639 0x04a0  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters    C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
23:28:26.0657 0x04a0  AERTFilters - ok
23:28:26.0739 0x04a0  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD            C:\WINDOWS\system32\drivers\afd.sys
23:28:26.0760 0x04a0  AFD - ok
23:28:26.0807 0x04a0  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
23:28:26.0807 0x04a0  agp440 - ok
23:28:26.0860 0x04a0  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
23:28:26.0876 0x04a0  ahcache - ok
23:28:26.0923 0x04a0  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
23:28:26.0923 0x04a0  AJRouter - ok
23:28:26.0960 0x04a0  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG            C:\WINDOWS\System32\alg.exe
23:28:26.0976 0x04a0  ALG - ok
23:28:27.0038 0x04a0  [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
23:28:27.0057 0x04a0  AMD FUEL Service - ok
23:28:27.0076 0x04a0  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
23:28:27.0076 0x04a0  AmdK8 - ok
23:28:27.0123 0x04a0  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
23:28:27.0123 0x04a0  amdkmafd - ok
23:28:27.0160 0x04a0  amdkmdag - ok
23:28:27.0223 0x04a0  [ AD96CC96B6A0CEE8910A13679426C970, 18005892C57CF8F3B2F09C3DDEC10612EC9B1C14BB057196AAE209D2703FF06E ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
23:28:27.0260 0x04a0  amdkmdap - ok
23:28:27.0305 0x04a0  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
23:28:27.0313 0x04a0  AmdPPM - ok
23:28:27.0382 0x04a0  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
23:28:27.0388 0x04a0  amdsata - ok
23:28:27.0429 0x04a0  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
23:28:27.0446 0x04a0  amdsbs - ok
23:28:27.0481 0x04a0  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
23:28:27.0483 0x04a0  amdxata - ok
23:28:27.0531 0x04a0  [ A1434F35B7B171CB697D74D33F7D029F, 97688D8C388066D02036DEF388AD7D8BE55DB268185CECE88128195D87422496 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
23:28:27.0536 0x04a0  amd_sata - ok
23:28:27.0560 0x04a0  [ E9B5A82FA268BB2D1B012030D5F4E096, 9EBE4DD2B86EE62D5E47ED85FC6271FE66A5A564227C7C8B7A576FD54A2CFACB ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
23:28:27.0560 0x04a0  amd_xata - ok
23:28:27.0596 0x04a0  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
23:28:27.0600 0x04a0  AODDriver4.1 - ok
23:28:27.0676 0x04a0  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
23:28:27.0681 0x04a0  AppHostSvc - ok
23:28:27.0720 0x04a0  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID          C:\WINDOWS\system32\drivers\appid.sys
23:28:27.0720 0x04a0  AppID - ok
23:28:27.0761 0x04a0  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
23:28:27.0761 0x04a0  AppIDSvc - ok
23:28:27.0792 0x04a0  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo        C:\WINDOWS\System32\appinfo.dll
23:28:27.0808 0x04a0  Appinfo - ok
23:28:27.0858 0x04a0  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
23:28:27.0877 0x04a0  AppReadiness - ok
23:28:28.0039 0x04a0  [ 0F3C165B71F8140F50A1DB5DE3E6D695, 7AD0F130088B3A964739C3194CF09E79B6B5D761B064071B9AC11D9B65F5D523 ] AppXSvc        C:\WINDOWS\system32\appxdeploymentserver.dll
23:28:28.0139 0x04a0  AppXSvc - ok
23:28:28.0176 0x04a0  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
23:28:28.0192 0x04a0  arcsas - ok
23:28:28.0339 0x04a0  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:28:28.0355 0x04a0  aspnet_state - ok
23:28:28.0392 0x04a0  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
23:28:28.0392 0x04a0  AsyncMac - ok
23:28:28.0408 0x04a0  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
23:28:28.0424 0x04a0  atapi - ok
23:28:28.0732 0x04a0  [ 3009647315A75D0BB08A6BFF8310FA70, FDBF7BE751C23EA40B6861D4EAD27007C81CA0A5AECBDAF9B6E4A39EC6F13625 ] athr            C:\WINDOWS\System32\drivers\athw10x.sys
23:28:28.0932 0x04a0  athr - ok
23:28:29.0001 0x04a0  [ F06A4C6E131FD7D6E253FC0B6844298C, 431FEFB929D984C2573E186C65CE35385808FDB9795C776870AF39305E9465FA ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
23:28:29.0001 0x04a0  AtiHDAudioService - ok
23:28:29.0048 0x04a0  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
23:28:29.0063 0x04a0  AudioEndpointBuilder - ok
23:28:29.0163 0x04a0  [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
23:28:29.0216 0x04a0  Audiosrv - ok
23:28:29.0279 0x04a0  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
23:28:29.0279 0x04a0  AxInstSV - ok
23:28:29.0348 0x04a0  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
23:28:29.0379 0x04a0  b06bdrv - ok
23:28:29.0416 0x04a0  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
23:28:29.0432 0x04a0  BasicDisplay - ok
23:28:29.0448 0x04a0  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
23:28:29.0448 0x04a0  BasicRender - ok
23:28:29.0479 0x04a0  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn          C:\WINDOWS\System32\drivers\bcmfn.sys
23:28:29.0479 0x04a0  bcmfn - ok
23:28:29.0500 0x04a0  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
23:28:29.0516 0x04a0  bcmfn2 - ok
23:28:29.0563 0x04a0  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
23:28:29.0579 0x04a0  BDESVC - ok
23:28:29.0616 0x04a0  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:28:29.0632 0x04a0  Beep - ok
23:28:29.0716 0x04a0  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE            C:\WINDOWS\System32\bfe.dll
23:28:29.0747 0x04a0  BFE - ok
23:28:29.0863 0x04a0  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
23:28:29.0916 0x04a0  BITS - ok
23:28:29.0947 0x04a0  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
23:28:29.0963 0x04a0  bowser - ok
23:28:30.0031 0x04a0  [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
23:28:30.0063 0x04a0  BrokerInfrastructure - ok
23:28:30.0116 0x04a0  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser        C:\WINDOWS\System32\browser.dll
23:28:30.0131 0x04a0  Browser - ok
23:28:30.0200 0x04a0  [ 39518DA803C2BCE04FCA2083879F077E, 244CCE64CAE1C8666BA25B07996997F57E6665D7E27FF15205C643D46A3A1D8F ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
23:28:30.0231 0x04a0  BtFilter - ok
23:28:30.0278 0x04a0  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
23:28:30.0278 0x04a0  BthAvrcpTg - ok
23:28:30.0331 0x04a0  [ FD74F7C4D04496FC46D2BB8464FA2CA4, 24F3750187D4A4CD3DB1451E358E36AC5169C83E794B6DFEF4E3D16BA2AC3951 ] BthEnum        C:\WINDOWS\System32\drivers\BthEnum.sys
23:28:30.0331 0x04a0  BthEnum - ok
23:28:30.0363 0x04a0  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
23:28:30.0363 0x04a0  BthHFEnum - ok
23:28:30.0378 0x04a0  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
23:28:30.0395 0x04a0  bthhfhid - ok
23:28:30.0431 0x04a0  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
23:28:30.0447 0x04a0  BthHFSrv - ok
23:28:30.0500 0x04a0  [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum      C:\WINDOWS\System32\drivers\BthLEEnum.sys
23:28:30.0516 0x04a0  BthLEEnum - ok
23:28:30.0568 0x04a0  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
23:28:30.0574 0x04a0  BTHMODEM - ok
23:28:30.0612 0x04a0  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
23:28:30.0620 0x04a0  BthPan - ok
23:28:30.0752 0x04a0  [ 2A0EF9AF5FD3FCCC25E17C47198D6E25, 4B548DD7235EF5EEC36AC443F9F44A042332BA01CB38B3D2E804618F2DC31813 ] BTHPORT        C:\WINDOWS\System32\drivers\BTHport.sys
23:28:30.0816 0x04a0  BTHPORT - ok
23:28:30.0861 0x04a0  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv        C:\WINDOWS\system32\bthserv.dll
23:28:30.0867 0x04a0  bthserv - ok
23:28:30.0904 0x04a0  [ B13CB5CCEE91ACA77C985B8E0D53A7D4, 1DB76A52E30B3DCC0FAF8579A7D5A24AD010ACA7613FB00B541FDDED7BE3F08E ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
23:28:30.0909 0x04a0  BTHUSB - ok
23:28:30.0941 0x04a0  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
23:28:30.0944 0x04a0  buttonconverter - ok
23:28:30.0984 0x04a0  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
23:28:30.0991 0x04a0  CapImg - ok
23:28:31.0019 0x04a0  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
23:28:31.0019 0x04a0  cdfs - ok
23:28:31.0082 0x04a0  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
23:28:31.0101 0x04a0  CDPSvc - ok
23:28:31.0132 0x04a0  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
23:28:31.0148 0x04a0  cdrom - ok
23:28:31.0189 0x04a0  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
23:28:31.0202 0x04a0  CertPropSvc - ok
23:28:31.0245 0x04a0  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
23:28:31.0249 0x04a0  circlass - ok
23:28:31.0315 0x04a0  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
23:28:31.0351 0x04a0  CLFS - ok
23:28:31.0425 0x04a0  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC        C:\WINDOWS\System32\ClipSVC.dll
23:28:31.0457 0x04a0  ClipSVC - ok
23:28:31.0516 0x04a0  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
23:28:31.0521 0x04a0  CmBatt - ok
23:28:31.0602 0x04a0  [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
23:28:31.0630 0x04a0  CNG - ok
23:28:31.0662 0x04a0  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist    C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
23:28:31.0662 0x04a0  cnghwassist - ok
23:28:31.0748 0x04a0  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
23:28:31.0748 0x04a0  CompositeBus - ok
23:28:31.0764 0x04a0  COMSysApp - ok
23:28:31.0817 0x04a0  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
23:28:31.0817 0x04a0  condrv - ok
23:28:31.0901 0x04a0  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
23:28:31.0948 0x04a0  CoreMessagingRegistrar - ok
23:28:32.0026 0x04a0  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
23:28:32.0037 0x04a0  CryptSvc - ok
23:28:32.0078 0x04a0  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam            C:\WINDOWS\system32\drivers\dam.sys
23:28:32.0083 0x04a0  dam - ok
23:28:32.0359 0x04a0  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:28:32.0438 0x04a0  DcomLaunch - ok
23:28:32.0562 0x04a0  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
23:28:32.0591 0x04a0  DcpSvc - ok
23:28:32.0655 0x04a0  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
23:28:32.0686 0x04a0  defragsvc - ok
23:28:32.0743 0x04a0  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
23:28:32.0775 0x04a0  DeviceAssociationService - ok
23:28:32.0845 0x04a0  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
23:28:32.0884 0x04a0  DeviceInstall - ok
23:28:32.0929 0x04a0  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
23:28:32.0934 0x04a0  DevQueryBroker - ok
23:28:32.0992 0x04a0  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
23:28:33.0004 0x04a0  Dfsc - ok
23:28:33.0069 0x04a0  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
23:28:33.0077 0x04a0  dg_ssudbus - ok
23:28:33.0142 0x04a0  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
23:28:33.0174 0x04a0  Dhcp - ok
23:28:33.0319 0x04a0  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
23:28:33.0327 0x04a0  diagnosticshub.standardcollector.service - ok
23:28:33.0488 0x04a0  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack      C:\WINDOWS\system32\diagtrack.dll
23:28:33.0560 0x04a0  DiagTrack - ok
23:28:33.0652 0x04a0  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
23:28:33.0663 0x04a0  disk - ok
23:28:33.0739 0x04a0  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
23:28:33.0770 0x04a0  DmEnrollmentSvc - ok
23:28:33.0806 0x04a0  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
23:28:33.0810 0x04a0  dmvsc - ok
23:28:33.0857 0x04a0  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
23:28:33.0864 0x04a0  dmwappushservice - ok
23:28:33.0928 0x04a0  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:28:33.0950 0x04a0  Dnscache - ok
23:28:34.0016 0x04a0  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
23:28:34.0038 0x04a0  dot3svc - ok
23:28:34.0088 0x04a0  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS            C:\WINDOWS\system32\dps.dll
23:28:34.0101 0x04a0  DPS - ok
23:28:34.0165 0x04a0  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud        C:\WINDOWS\System32\drivers\drmkaud.sys
23:28:34.0168 0x04a0  drmkaud - ok
23:28:34.0243 0x04a0  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
23:28:34.0259 0x04a0  DsmSvc - ok
23:28:34.0308 0x04a0  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc          C:\WINDOWS\System32\DsSvc.dll
23:28:34.0323 0x04a0  DsSvc - ok
23:28:34.0516 0x04a0  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
23:28:34.0643 0x04a0  DXGKrnl - ok
23:28:34.0704 0x04a0  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost        C:\WINDOWS\System32\eapsvc.dll
23:28:34.0704 0x04a0  Eaphost - ok
23:28:34.0933 0x04a0  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
23:28:35.0105 0x04a0  ebdrv - ok
23:28:35.0166 0x04a0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS            C:\WINDOWS\System32\lsass.exe
23:28:35.0181 0x04a0  EFS - ok
23:28:35.0231 0x04a0  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
23:28:35.0234 0x04a0  EhStorClass - ok
23:28:35.0250 0x04a0  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
23:28:35.0266 0x04a0  EhStorTcgDrv - ok
23:28:35.0334 0x04a0  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
23:28:35.0342 0x04a0  embeddedmode - ok
23:28:35.0370 0x04a0  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc      C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
23:28:35.0402 0x04a0  EntAppSvc - ok
23:28:35.0433 0x04a0  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
23:28:35.0435 0x04a0  ErrDev - ok
23:28:35.0529 0x04a0  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem    C:\WINDOWS\system32\es.dll
23:28:35.0581 0x04a0  EventSystem - ok
23:28:35.0742 0x04a0  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] Everything      C:\Program Files\Everything\Everything.exe
23:28:35.0803 0x04a0  Everything - ok
23:28:35.0855 0x04a0  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
23:28:35.0871 0x04a0  exfat - ok
23:28:35.0918 0x04a0  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
23:28:35.0933 0x04a0  fastfat - ok
23:28:36.0018 0x04a0  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax            C:\WINDOWS\system32\fxssvc.exe
23:28:36.0055 0x04a0  Fax - ok
23:28:36.0086 0x04a0  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
23:28:36.0086 0x04a0  fdc - ok
23:28:36.0118 0x04a0  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
23:28:36.0118 0x04a0  fdPHost - ok
23:28:36.0152 0x04a0  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
23:28:36.0155 0x04a0  FDResPub - ok
23:28:36.0186 0x04a0  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
23:28:36.0202 0x04a0  fhsvc - ok
23:28:36.0233 0x04a0  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt      C:\WINDOWS\system32\drivers\filecrypt.sys
23:28:36.0253 0x04a0  FileCrypt - ok
23:28:36.0286 0x04a0  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
23:28:36.0286 0x04a0  FileInfo - ok
23:28:36.0317 0x04a0  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
23:28:36.0317 0x04a0  Filetrace - ok
23:28:36.0355 0x04a0  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
23:28:36.0355 0x04a0  flpydisk - ok
23:28:36.0402 0x04a0  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
23:28:36.0417 0x04a0  FltMgr - ok
23:28:36.0569 0x04a0  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache      C:\WINDOWS\system32\FntCache.dll
23:28:36.0655 0x04a0  FontCache - ok
23:28:36.0768 0x04a0  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:28:36.0771 0x04a0  FontCache3.0.0.0 - ok
23:28:36.0817 0x04a0  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
23:28:36.0822 0x04a0  FsDepends - ok
23:28:36.0855 0x04a0  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:28:36.0860 0x04a0  Fs_Rec - ok
23:28:36.0921 0x04a0  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
23:28:36.0955 0x04a0  fvevol - ok
23:28:36.0986 0x04a0  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
23:28:36.0986 0x04a0  gagp30kx - ok
23:28:37.0033 0x04a0  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
23:28:37.0033 0x04a0  gencounter - ok
23:28:37.0059 0x04a0  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
23:28:37.0061 0x04a0  genericusbfn - ok
23:28:37.0120 0x04a0  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
23:28:37.0138 0x04a0  GPIOClx0101 - ok
23:28:37.0258 0x04a0  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
23:28:37.0325 0x04a0  gpsvc - ok
23:28:37.0351 0x04a0  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
23:28:37.0353 0x04a0  GpuEnergyDrv - ok
23:28:37.0402 0x04a0  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:37.0402 0x04a0  gupdate - ok
23:28:37.0433 0x04a0  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:28:37.0433 0x04a0  gupdatem - ok
23:28:37.0471 0x04a0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
23:28:37.0486 0x04a0  gusvc - ok
23:28:37.0533 0x04a0  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
23:28:37.0533 0x04a0  HDAudBus - ok
23:28:37.0555 0x04a0  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
23:28:37.0570 0x04a0  HidBatt - ok
23:28:37.0617 0x04a0  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
23:28:37.0617 0x04a0  HidBth - ok
23:28:37.0633 0x04a0  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
23:28:37.0650 0x04a0  hidi2c - ok
23:28:37.0670 0x04a0  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
23:28:37.0670 0x04a0  hidinterrupt - ok
23:28:37.0686 0x04a0  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
23:28:37.0702 0x04a0  HidIr - ok
23:28:37.0733 0x04a0  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv        C:\WINDOWS\system32\hidserv.dll
23:28:37.0751 0x04a0  hidserv - ok
23:28:37.0786 0x04a0  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
23:28:37.0786 0x04a0  HidUsb - ok
23:28:37.0855 0x04a0  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
23:28:37.0870 0x04a0  HomeGroupListener - ok
23:28:37.0933 0x04a0  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
23:28:37.0970 0x04a0  HomeGroupProvider - ok
23:28:38.0125 0x04a0  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:28:38.0175 0x04a0  hpqwmiex - ok
23:28:38.0238 0x04a0  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
23:28:38.0238 0x04a0  HpSAMD - ok
23:28:38.0291 0x04a0  [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
23:28:38.0291 0x04a0  HPSupportSolutionsFrameworkService - ok
23:28:38.0457 0x04a0  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
23:28:38.0506 0x04a0  HTTP - ok
23:28:38.0556 0x04a0  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
23:28:38.0559 0x04a0  hwpolicy - ok
23:28:38.0591 0x04a0  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
23:28:38.0591 0x04a0  hyperkbd - ok
23:28:38.0622 0x04a0  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
23:28:38.0637 0x04a0  i8042prt - ok
23:28:38.0659 0x04a0  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c          C:\WINDOWS\System32\drivers\iai2c.sys
23:28:38.0659 0x04a0  iai2c - ok
23:28:38.0706 0x04a0  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
23:28:38.0706 0x04a0  iaLPSS2i_I2C - ok
23:28:38.0738 0x04a0  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
23:28:38.0738 0x04a0  iaLPSSi_GPIO - ok
23:28:38.0791 0x04a0  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
23:28:38.0791 0x04a0  iaLPSSi_I2C - ok
23:28:38.0859 0x04a0  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
23:28:38.0906 0x04a0  iaStorAV - ok
23:28:38.0959 0x04a0  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
23:28:38.0975 0x04a0  iaStorV - ok
23:28:39.0022 0x04a0  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus          C:\WINDOWS\System32\drivers\ibbus.sys
23:28:39.0059 0x04a0  ibbus - ok
23:28:39.0109 0x04a0  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
23:28:39.0123 0x04a0  icssvc - ok
23:28:39.0142 0x04a0  IEEtwCollectorService - ok
23:28:39.0267 0x04a0  [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
23:28:39.0304 0x04a0  IKEEXT - ok
23:28:39.0629 0x04a0  [ 1B55E32AAF6DA714587D226A399C77FE, 2B1CEB276EAA6BE8B2D8C55474FB672C5D7441B3B17B01A43DECF8C68239FB1B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
23:28:39.0817 0x04a0  IntcAzAudAddService - ok
23:28:39.0886 0x04a0  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
23:28:39.0886 0x04a0  intelide - ok
23:28:39.0917 0x04a0  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
23:28:39.0917 0x04a0  intelpep - ok
23:28:39.0954 0x04a0  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
23:28:39.0970 0x04a0  intelppm - ok
23:28:40.0001 0x04a0  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos          C:\WINDOWS\system32\drivers\ioqos.sys
23:28:40.0001 0x04a0  IoQos - ok
23:28:40.0017 0x04a0  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:28:40.0034 0x04a0  IpFilterDriver - ok
23:28:40.0117 0x04a0  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
23:28:40.0170 0x04a0  iphlpsvc - ok
23:28:40.0201 0x04a0  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
23:28:40.0201 0x04a0  IPMIDRV - ok
23:28:40.0254 0x04a0  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
23:28:40.0254 0x04a0  IPNAT - ok
23:28:40.0285 0x04a0  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
23:28:40.0285 0x04a0  IRENUM - ok
23:28:40.0338 0x04a0  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
23:28:40.0338 0x04a0  isapnp - ok
23:28:40.0370 0x04a0  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
23:28:40.0385 0x04a0  iScsiPrt - ok
23:28:40.0417 0x04a0  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
23:28:40.0417 0x04a0  kbdclass - ok
23:28:40.0454 0x04a0  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
23:28:40.0454 0x04a0  kbdhid - ok
23:28:40.0470 0x04a0  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic          C:\WINDOWS\System32\drivers\kdnic.sys
23:28:40.0485 0x04a0  kdnic - ok
23:28:40.0501 0x04a0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
23:28:40.0517 0x04a0  KeyIso - ok
23:28:40.0538 0x04a0  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
23:28:40.0538 0x04a0  KSecDD - ok
23:28:40.0601 0x04a0  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
23:28:40.0601 0x04a0  KSecPkg - ok
23:28:40.0654 0x04a0  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
23:28:40.0654 0x04a0  ksthunk - ok
23:28:40.0717 0x04a0  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
23:28:40.0738 0x04a0  KtmRm - ok
23:28:40.0785 0x04a0  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
23:28:40.0801 0x04a0  LanmanServer - ok
23:28:40.0838 0x04a0  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:28:40.0870 0x04a0  LanmanWorkstation - ok
23:28:40.0901 0x04a0  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc          C:\WINDOWS\System32\lfsvc.dll
23:28:40.0901 0x04a0  lfsvc - ok
23:28:40.0917 0x04a0  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
23:28:40.0935 0x04a0  LicenseManager - ok
23:28:40.0970 0x04a0  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
23:28:40.0970 0x04a0  lltdio - ok
23:28:41.0016 0x04a0  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
23:28:41.0038 0x04a0  lltdsvc - ok
23:28:41.0070 0x04a0  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
23:28:41.0085 0x04a0  lmhosts - ok
23:28:41.0135 0x04a0  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
23:28:41.0138 0x04a0  LSI_SAS - ok
23:28:41.0154 0x04a0  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i      C:\WINDOWS\system32\drivers\lsi_sas2i.sys
23:28:41.0170 0x04a0  LSI_SAS2i - ok
23:28:41.0201 0x04a0  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i      C:\WINDOWS\system32\drivers\lsi_sas3i.sys
23:28:41.0201 0x04a0  LSI_SAS3i - ok
23:28:41.0216 0x04a0  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
23:28:41.0237 0x04a0  LSI_SSS - ok
23:28:41.0301 0x04a0  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM            C:\WINDOWS\System32\lsm.dll
23:28:41.0338 0x04a0  LSM - ok
23:28:41.0370 0x04a0  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
23:28:41.0385 0x04a0  luafv - ok
23:28:41.0417 0x04a0  [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker      C:\WINDOWS\System32\moshost.dll
23:28:41.0435 0x04a0  MapsBroker - ok
23:28:41.0470 0x04a0  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
23:28:41.0470 0x04a0  megasas - ok
23:28:41.0538 0x04a0  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
23:28:41.0554 0x04a0  megasr - ok
23:28:41.0616 0x04a0  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
23:28:41.0616 0x04a0  MessagingService - ok
23:28:41.0753 0x04a0  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
23:28:41.0800 0x04a0  mlx4_bus - ok
23:28:41.0838 0x04a0  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS          C:\WINDOWS\system32\drivers\mmcss.sys
23:28:41.0838 0x04a0  MMCSS - ok
23:28:41.0869 0x04a0  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem          C:\WINDOWS\system32\drivers\modem.sys
23:28:41.0869 0x04a0  Modem - ok
23:28:41.0900 0x04a0  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
23:28:41.0900 0x04a0  monitor - ok
23:28:41.0954 0x04a0  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
23:28:41.0954 0x04a0  mouclass - ok
23:28:41.0969 0x04a0  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
23:28:41.0985 0x04a0  mouhid - ok
23:28:42.0000 0x04a0  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
23:28:42.0016 0x04a0  mountmgr - ok
23:28:42.0038 0x04a0  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
23:28:42.0038 0x04a0  mpsdrv - ok
23:28:42.0135 0x04a0  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
23:28:42.0169 0x04a0  MpsSvc - ok
23:28:42.0216 0x04a0  [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
23:28:42.0238 0x04a0  MQAC - ok
23:28:42.0269 0x04a0  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
23:28:42.0284 0x04a0  MRxDAV - ok
23:28:42.0338 0x04a0  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:28:42.0369 0x04a0  mrxsmb - ok
23:28:42.0432 0x04a0  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:28:42.0438 0x04a0  mrxsmb10 - ok
23:28:42.0485 0x04a0  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:28:42.0500 0x04a0  mrxsmb20 - ok
23:28:42.0537 0x04a0  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
23:28:42.0538 0x04a0  MsBridge - ok
23:28:42.0585 0x04a0  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
23:28:42.0585 0x04a0  MSDTC - ok
23:28:42.0616 0x04a0  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:28:42.0633 0x04a0  Msfs - ok
23:28:42.0669 0x04a0  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:28:42.0669 0x04a0  msgpiowin32 - ok
23:28:42.0700 0x04a0  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:28:42.0700 0x04a0  mshidkmdf - ok
23:28:42.0716 0x04a0  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
23:28:42.0733 0x04a0  mshidumdf - ok
23:28:42.0753 0x04a0  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
23:28:42.0753 0x04a0  msisadrv - ok
23:28:42.0800 0x04a0  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
23:28:42.0800 0x04a0  MSiSCSI - ok
23:28:42.0816 0x04a0  msiserver - ok
23:28:42.0853 0x04a0  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV        C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
23:28:42.0853 0x04a0  MSKSSRV - ok
23:28:42.0900 0x04a0  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
23:28:42.0900 0x04a0  MsLldp - ok
23:28:42.0938 0x04a0  [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
23:28:42.0953 0x04a0  MSMQ - ok
23:28:42.0969 0x04a0  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
23:28:42.0969 0x04a0  MSPCLOCK - ok
23:28:42.0985 0x04a0  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM          C:\WINDOWS\system32\DRIVERS\MSPQM.sys
23:28:43.0000 0x04a0  MSPQM - ok
23:28:43.0053 0x04a0  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
23:28:43.0069 0x04a0  MsRPC - ok
23:28:43.0100 0x04a0  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
23:28:43.0100 0x04a0  mssmbios - ok
23:28:43.0116 0x04a0  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE          C:\WINDOWS\system32\DRIVERS\MSTEE.sys
23:28:43.0132 0x04a0  MSTEE - ok
23:28:43.0153 0x04a0  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
23:28:43.0153 0x04a0  MTConfig - ok
23:28:43.0185 0x04a0  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
23:28:43.0185 0x04a0  Mup - ok
23:28:43.0216 0x04a0  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
23:28:43.0233 0x04a0  mvumis - ok
23:28:43.0300 0x04a0  [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:28:43.0337 0x04a0  NativeWifiP - ok
23:28:43.0400 0x04a0  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
23:28:43.0416 0x04a0  NcaSvc - ok
23:28:43.0453 0x04a0  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
23:28:43.0469 0x04a0  NcbService - ok
23:28:43.0500 0x04a0  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
23:28:43.0515 0x04a0  NcdAutoSetup - ok
23:28:43.0553 0x04a0  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
23:28:43.0568 0x04a0  ndfltr - ok
23:28:43.0668 0x04a0  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
23:28:43.0737 0x04a0  NDIS - ok
23:28:43.0753 0x04a0  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap        C:\WINDOWS\system32\drivers\ndiscap.sys
23:28:43.0768 0x04a0  NdisCap - ok
23:28:43.0800 0x04a0  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
23:28:43.0800 0x04a0  NdisImPlatform - ok
23:28:43.0834 0x04a0  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:28:43.0836 0x04a0  NdisTapi - ok
23:28:43.0868 0x04a0  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio        C:\WINDOWS\system32\drivers\ndisuio.sys
23:28:43.0868 0x04a0  Ndisuio - ok
23:28:43.0900 0x04a0  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
23:28:43.0900 0x04a0  NdisVirtualBus - ok
23:28:43.0937 0x04a0  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan        C:\WINDOWS\System32\drivers\ndiswan.sys
23:28:43.0937 0x04a0  NdisWan - ok
23:28:43.0968 0x04a0  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:28:43.0968 0x04a0  ndiswanlegacy - ok
23:28:43.0984 0x04a0  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy        C:\WINDOWS\system32\DRIVERS\NDProxy.sys
23:28:43.0999 0x04a0  ndproxy - ok
23:28:44.0068 0x04a0  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
23:28:44.0084 0x04a0  Ndu - ok
23:28:44.0139 0x04a0  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS        C:\WINDOWS\system32\drivers\netbios.sys
23:28:44.0139 0x04a0  NetBIOS - ok
23:28:44.0186 0x04a0  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
23:28:44.0201 0x04a0  NetBT - ok
23:28:44.0217 0x04a0  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:28:44.0233 0x04a0  Netlogon - ok
23:28:44.0271 0x04a0  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
23:28:44.0302 0x04a0  Netman - ok
23:28:44.0355 0x04a0  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0386 0x04a0  NetMsmqActivator - ok
23:28:44.0402 0x04a0  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0417 0x04a0  NetPipeActivator - ok
23:28:44.0502 0x04a0  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
23:28:44.0534 0x04a0  netprofm - ok
23:28:44.0587 0x04a0  [ C5DEEC4F7ED591D1E322899ADC4EE45F, CA3BE40FA1216F77C6D5B9FD518378DB9561163BFDC90C8CB1C2C2EA4112B263 ] NetSetupSvc    C:\WINDOWS\System32\NetSetupSvc.dll
23:28:44.0602 0x04a0  NetSetupSvc - ok
23:28:44.0639 0x04a0  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0639 0x04a0  NetTcpActivator - ok
23:28:44.0655 0x04a0  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:28:44.0671 0x04a0  NetTcpPortSharing - ok
23:28:44.0718 0x04a0  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
23:28:44.0739 0x04a0  NgcCtnrSvc - ok
23:28:44.0802 0x04a0  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
23:28:44.0839 0x04a0  NgcSvc - ok
23:28:44.0886 0x04a0  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
23:28:44.0918 0x04a0  NlaSvc - ok
23:28:44.0955 0x04a0  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:28:44.0971 0x04a0  Npfs - ok
23:28:45.0002 0x04a0  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
23:28:45.0002 0x04a0  npsvctrig - ok
23:28:45.0034 0x04a0  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi            C:\WINDOWS\system32\nsisvc.dll
23:28:45.0039 0x04a0  nsi - ok
23:28:45.0055 0x04a0  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
23:28:45.0055 0x04a0  nsiproxy - ok
23:28:45.0239 0x04a0  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
23:28:45.0370 0x04a0  NTFS - ok
23:28:45.0402 0x04a0  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:28:45.0417 0x04a0  Null - ok
23:28:45.0439 0x04a0  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
23:28:45.0455 0x04a0  nvraid - ok
23:28:45.0470 0x04a0  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
23:28:45.0486 0x04a0  nvstor - ok
23:28:45.0502 0x04a0  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
23:28:45.0517 0x04a0  nv_agp - ok
23:28:45.0570 0x04a0  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
23:28:45.0586 0x04a0  OneSyncSvc - ok
23:28:46.0156 0x04a0  [ 15DBED67D72057BDCD24097654DA5406, CE3C9D4D6177331341A039772688E7263E4A7CCEE85BB0AEF00779EBB23958B1 ] OO DiskImage    C:\Program Files\OO Software\DiskImage\oodiag.exe
23:28:46.0526 0x04a0  OO DiskImage - ok
23:28:46.0590 0x04a0  [ C7E08B48206F455B5310D65D7C8CB13D, A97BD308118426CAE4A1A82E85D79784756C432C36BFE02FFBD024CB7B053DED ] oodisr          C:\WINDOWS\system32\DRIVERS\oodisr.sys
23:28:46.0590 0x04a0  oodisr - ok
23:28:46.0606 0x04a0  [ 73D909163F39E393412A1F0A215BD8F9, 751F69FC1447BE727C12F9C25AB6C5F723E3D33A0482EE7F9661DE14B3A57715 ] oodisrh        C:\WINDOWS\system32\DRIVERS\oodisrh.sys
23:28:46.0606 0x04a0  oodisrh - ok
23:28:46.0655 0x04a0  [ 985A8117829ABEA8BFD83805150DFA4B, 8D3BB089B903B87E29F856A02A46719449FE846DF9E4E0EE23716F9795A5AE78 ] oodivd          C:\WINDOWS\system32\DRIVERS\oodivd.sys
23:28:46.0659 0x04a0  oodivd - ok
23:28:46.0675 0x04a0  [ EF5A29EB82449817D6C671BA6EA3D489, 91AB3ECC9AF58489313F98D32D45C15CDCED29E107AC8C1EBB90DA93C2CF9495 ] oodivdh        C:\WINDOWS\system32\DRIVERS\oodivdh.sys
23:28:46.0675 0x04a0  oodivdh - ok
23:28:46.0754 0x04a0  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:28:46.0775 0x04a0  p2pimsvc - ok
23:28:46.0837 0x04a0  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
23:28:46.0859 0x04a0  p2psvc - ok
23:28:46.0937 0x04a0  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
23:28:46.0958 0x04a0  Parport - ok
23:28:46.0975 0x04a0  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
23:28:46.0990 0x04a0  partmgr - ok
23:28:47.0074 0x04a0  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
23:28:47.0106 0x04a0  PcaSvc - ok
23:28:47.0137 0x04a0  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci            C:\WINDOWS\system32\drivers\pci.sys
23:28:47.0159 0x04a0  pci - ok
23:28:47.0206 0x04a0  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
23:28:47.0206 0x04a0  pciide - ok
23:28:47.0222 0x04a0  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
23:28:47.0237 0x04a0  pcmcia - ok
23:28:47.0275 0x04a0  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
23:28:47.0275 0x04a0  pcw - ok
23:28:47.0290 0x04a0  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
23:28:47.0306 0x04a0  pdc - ok
23:28:47.0375 0x04a0  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
23:28:47.0422 0x04a0  PEAUTH - ok
23:28:47.0437 0x04a0  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i      C:\WINDOWS\system32\drivers\percsas2i.sys
23:28:47.0437 0x04a0  percsas2i - ok
23:28:47.0459 0x04a0  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i      C:\WINDOWS\system32\drivers\percsas3i.sys
23:28:47.0459 0x04a0  percsas3i - ok
23:28:47.0574 0x04a0  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
23:28:47.0574 0x04a0  PerfHost - ok
23:28:47.0674 0x04a0  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
23:28:47.0721 0x04a0  PhoneSvc - ok
23:28:47.0759 0x04a0  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
23:28:47.0774 0x04a0  PimIndexMaintenanceSvc - ok
23:28:47.0974 0x04a0  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla            C:\WINDOWS\system32\pla.dll
23:28:48.0058 0x04a0  pla - ok
23:28:48.0174 0x04a0  [ D1756AD36C8BC48728466E11FD7307B8, A229F406EFA65887E36F392329DBD9C377BEC70D6613EFE22A06FD402DCD9F4A ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
23:28:48.0174 0x04a0  PlaysService - ok
23:28:48.0236 0x04a0  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
23:28:48.0236 0x04a0  PlugPlay - ok
23:28:48.0274 0x04a0  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
23:28:48.0290 0x04a0  PNRPAutoReg - ok
23:28:48.0337 0x04a0  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
23:28:48.0359 0x04a0  PNRPsvc - ok
23:28:48.0421 0x04a0  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
23:28:48.0455 0x04a0  PolicyAgent - ok
23:28:48.0490 0x04a0  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power          C:\WINDOWS\system32\umpo.dll
23:28:48.0490 0x04a0  Power - ok
23:28:48.0537 0x04a0  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
23:28:48.0537 0x04a0  PptpMiniport - ok
23:28:48.0821 0x04a0  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
23:28:49.0065 0x04a0  PrintNotify - ok
23:28:49.0143 0x04a0  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor      C:\WINDOWS\System32\drivers\processr.sys
23:28:49.0149 0x04a0  Processor - ok
23:28:49.0196 0x04a0  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
23:28:49.0227 0x04a0  ProfSvc - ok
23:28:49.0264 0x04a0  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
23:28:49.0280 0x04a0  Psched - ok
23:28:49.0349 0x04a0  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE          C:\WINDOWS\system32\qwave.dll
23:28:49.0364 0x04a0  QWAVE - ok
23:28:49.0380 0x04a0  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
23:28:49.0396 0x04a0  QWAVEdrv - ok
23:28:49.0427 0x04a0  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:28:49.0427 0x04a0  RasAcd - ok
23:28:49.0470 0x04a0  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn    C:\WINDOWS\System32\drivers\AgileVpn.sys
23:28:49.0470 0x04a0  RasAgileVpn - ok
23:28:49.0501 0x04a0  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
23:28:49.0517 0x04a0  RasAuto - ok
23:28:49.0548 0x04a0  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp        C:\WINDOWS\System32\drivers\rasl2tp.sys
23:28:49.0548 0x04a0  Rasl2tp - ok

M-K-D-B 23.04.2016 20:52
Servus,




Zukünftig bitte beachten:
Zitat:
Gestartet von C:\Users\PC\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.



Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. (Bebilderte Anleitung zu AdwCleaner)
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • "Prefetch" Dateien löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Chrome Einstellungen zurücksetzen
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Monstera 24.04.2016 00:09
Ich hoffe alles richtig gemacht zu haben.
Hier nun FRST.text und Additos.tx
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von PC (Administrator) auf PC-PC (24-04-2016 00:48:00)
Gestartet von C:\Users\PC\Desktop
Geladene Profile: PC (Verfügbare Profile: PC & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes) C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Farbar) C:\Users\PC\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-03] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-03] (Raptr, Inc)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [AntiBrowserSpy - BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [816640 2016-01-08] ()
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {8d0e7b99-e9a4-11e5-b6ff-20689d1e57b6} - "G:\autorun.exe"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {9e81865e-3b60-11e5-88d7-806e6f6e6963} - "D:\start.exe"
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-11-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-04-24]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1f20a2f8-5f46-48e6-b412-693bd924926d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6dc7b702-0c45-4de1-a402-3cc3d6fa48c0}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{c4506c39-3486-446e-aa19-5eac0360af24}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{fd1e8feb-c8f3-4d2a-ac61-a21c3b3c1abc}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {C1EE5DD0-D6CE-4591-AC55-509365F26D03} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {E71A49A3-7DFF-4CFD-801F-79BA30EDA49B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpC3YnA3AqAE..&v=20160323&uid=A7608D7CBCBC8C550A10284618D43029&ptid=cos1&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-05]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-04-22]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Tabellen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (Ad.Block Plus+) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopfmfbdadhahnjfgcbfcflmnlgpgggg [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Google Mail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-03-06] (Adobe Systems) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-03] (Plays.tv, LLC)
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-19] (LULU Software Limited)
S2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-19] (LULU Software Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-08-28] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 DfSdkS; kein ImagePath
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 00:48 - 2016-04-24 00:49 - 00016632 _____ C:\Users\PC\Desktop\FRST.txt
2016-04-24 00:46 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Desktop\FRST64 (1).exe
2016-04-24 00:45 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64 (1).exe
2016-04-24 00:42 - 2016-04-24 00:42 - 00001011 _____ C:\Users\PC\Desktop\JRT.txt
2016-04-24 00:34 - 2016-04-24 00:34 - 01610008 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2016-04-24 00:33 - 2016-04-24 00:33 - 01610008 _____ (Malwarebytes) C:\Users\PC\Downloads\JRT.exe
2016-04-24 00:31 - 2016-04-24 00:31 - 00001453 _____ C:\Users\PC\Desktop\mbam.txt
2016-04-23 23:21 - 2016-04-24 00:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 23:20 - 2016-04-24 00:14 - 00000873 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\Users\PC\Desktop\Malwarebytes Anti-Malware
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 23:20 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-23 23:16 - 2016-04-23 23:17 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-23 23:14 - 2016-04-23 23:18 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-23 23:12 - 2016-04-23 23:12 - 00002224 _____ C:\Users\PC\Desktop\AdwCleaner[C3].txt
2016-04-23 22:55 - 2016-04-23 22:56 - 03683904 _____ C:\Users\PC\Desktop\AdwCleaner_5.112 (1).exe
2016-04-23 22:12 - 2016-04-24 00:14 - 00001469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snipping Tool Plus.lnk
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Local\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\ProgramData\www.rene-zeidler.de
2016-04-23 22:08 - 2016-04-23 22:09 - 00000000 ____D C:\Users\PC\Downloads\SnippingToolPlusv3-4-1-0
2016-04-23 01:32 - 2016-04-23 01:32 - 00000000 ____D C:\Users\PC\Desktop\Matthias
2016-04-22 23:32 - 2016-04-22 23:36 - 00264124 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.32.14_log.txt
2016-04-22 23:27 - 2016-04-22 23:30 - 00264222 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.27.57_log.txt
2016-04-22 23:26 - 2016-04-22 23:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\PC\Downloads\tdsskiller.exe
2016-04-22 23:19 - 2016-04-22 23:22 - 00041239 _____ C:\Users\PC\Downloads\Addition.txt
2016-04-22 23:16 - 2016-04-24 00:48 - 00000000 ____D C:\FRST
2016-04-22 23:16 - 2016-04-22 23:22 - 00060816 _____ C:\Users\PC\Downloads\FRST.txt
2016-04-22 23:15 - 2016-04-22 23:16 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2016-04-22 18:25 - 2016-04-23 21:51 - 00033280 _____ C:\Users\PC\Documents\Test-Moni.xls
2016-04-22 12:34 - 2016-04-23 23:08 - 00000000 ____D C:\AdwCleaner
2016-04-22 12:34 - 2016-04-22 12:34 - 03683904 _____ C:\Users\PC\Downloads\AdwCleaner_5.112.exe
2016-04-22 11:17 - 2016-04-22 11:18 - 00000000 ____D C:\Users\PC\Desktop\Spiele
2016-04-22 11:10 - 2016-04-22 11:11 - 00000000 ____D C:\Users\PC\Desktop\Konstruktionsapp
2016-04-22 08:21 - 2016-04-24 00:16 - 00000000 ____D C:\Users\PC\AppData\Roaming\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Program Files\Everything
2016-04-20 18:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-20 18:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-20 18:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-20 18:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-20 18:07 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-20 18:07 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-20 18:07 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-20 18:07 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-20 18:07 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-20 18:07 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-20 18:06 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-20 18:06 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-20 18:06 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-20 18:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-20 18:06 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-20 18:06 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-20 18:06 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-20 18:05 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-20 18:05 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-20 18:05 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-20 18:05 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-20 18:05 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-20 18:05 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-20 18:05 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-20 18:05 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-20 18:05 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-20 18:05 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-20 18:05 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-20 18:05 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-20 18:05 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-20 18:05 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-20 18:05 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-20 18:04 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-20 18:04 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-20 18:04 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-20 18:04 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-20 18:04 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-20 18:04 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-20 18:04 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-20 18:04 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-20 18:04 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-20 18:04 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-20 18:04 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-20 18:04 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-20 18:04 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-20 18:04 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-20 18:04 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-20 18:04 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-20 18:04 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-20 18:04 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-20 18:04 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-20 18:04 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-20 18:04 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-20 18:04 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-20 18:04 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-20 18:04 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-20 18:04 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-20 18:04 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-20 18:04 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-20 18:04 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-20 18:04 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-20 18:04 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-20 18:04 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-20 18:04 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-20 18:04 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-20 18:03 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-20 18:03 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-20 18:03 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-20 18:03 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-20 18:03 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-20 18:03 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-20 18:03 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-20 18:03 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-20 18:03 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-20 18:03 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-20 18:03 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-20 18:03 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-20 18:03 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-20 18:03 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-20 18:03 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-20 18:03 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-20 18:03 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-20 18:03 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-20 18:03 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-20 18:03 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-20 18:03 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-20 18:03 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-20 18:03 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-20 18:03 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-20 18:03 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-20 18:03 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-20 18:03 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-20 18:03 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-20 18:03 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-20 18:02 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-20 18:02 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-20 18:02 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-20 18:02 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-20 18:02 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-20 18:02 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-20 18:02 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-20 18:02 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-20 18:02 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-20 18:02 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-20 18:02 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-20 18:02 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-20 18:02 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-20 18:02 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-20 18:02 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-20 18:02 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-20 18:02 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-20 18:02 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-20 18:02 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-20 18:02 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-20 18:02 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-20 18:02 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-20 18:02 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-20 18:02 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-20 18:02 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-20 18:02 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-20 18:02 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-20 18:02 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-20 18:01 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-20 18:01 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-20 18:01 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-20 18:01 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-20 18:01 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-20 18:01 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-20 18:01 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-20 18:01 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-20 18:01 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-20 18:01 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-20 18:01 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-20 18:01 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-20 18:01 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-20 18:01 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-20 18:01 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-20 18:01 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:01 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-20 18:01 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-20 18:01 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-20 18:01 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-20 18:01 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-20 18:01 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-20 18:01 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-20 18:00 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-20 18:00 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-20 18:00 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-20 18:00 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-20 18:00 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-20 18:00 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-20 18:00 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-20 18:00 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-20 18:00 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-20 18:00 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-20 18:00 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-20 18:00 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-20 18:00 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-20 18:00 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-20 18:00 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-20 18:00 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-20 17:59 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-20 17:59 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-20 17:59 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-20 17:59 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-20 17:59 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-20 17:59 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-20 17:59 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-20 17:57 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-20 17:56 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-20 17:56 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-20 17:56 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-20 17:55 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-20 17:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-20 17:49 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-20 16:31 - 2016-04-20 16:31 - 00055041 ___RT C:\Users\PC\Documents\Projektplan_Berliner Stadtmission.xlsx
2016-03-30 13:13 - 2016-04-22 11:12 - 00000000 ___RD C:\Users\PC\Desktop\Musikabspielpro
2016-03-30 13:08 - 2016-04-23 01:31 - 00000000 ____D C:\Users\PC\Desktop\Wartung
2016-03-30 13:07 - 2016-03-30 13:09 - 00000000 ____D C:\Users\PC\Desktop\Bilderbearbeitung
2016-03-28 17:22 - 2016-03-28 17:22 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2016-03-28 17:21 - 2016-03-28 17:22 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (2).exe
2016-03-28 16:58 - 2016-03-28 17:21 - 54887136 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows-KB890830-V5.34.exe
2016-03-28 16:58 - 2016-03-28 17:06 - 373578968 _____ (Microsoft Corporation) C:\Users\PC\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2016-03-28 16:58 - 2016-03-28 17:01 - 39074536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters.exe
2016-03-28 16:41 - 2016-03-28 16:41 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-03-28 16:37 - 2016-03-28 16:38 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (1).exe
2016-03-28 16:37 - 2016-03-28 16:37 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4.exe
2016-03-27 12:28 - 2016-03-27 12:37 - 02869760 _____ C:\Users\PC\Downloads\lottozahlen_archiv (1).xls
2016-03-27 10:54 - 2016-03-27 10:55 - 00987728 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2016-03-26 08:57 - 2016-03-26 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2016-03-26 08:56 - 2016-03-26 08:57 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX
2016-03-26 08:55 - 2016-03-26 08:55 - 00860736 _____ C:\Users\PC\Downloads\hexedit602.zip
2016-03-25 20:30 - 2016-03-25 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\dlg
2016-03-25 20:26 - 2016-03-25 21:10 - 00000000 ____D C:\Program Files\fe1920a152aa161f127ed1ed733a8acb
2016-03-25 20:26 - 2016-03-25 20:26 - 00000000 ____D C:\extensions
2016-03-25 20:25 - 2016-03-25 20:26 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-25 19:59 - 2016-03-25 19:59 - 00015428 _____ C:\Users\PC\RefEdit.exd
2016-03-25 19:59 - 2016-03-25 19:59 - 00011776 _____ C:\Users\PC\Downloads\Winkel.xls

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 00:25 - 2015-12-02 20:52 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-24 00:25 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-24 00:25 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-24 00:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-24 00:19 - 2015-12-02 17:07 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job
2016-04-24 00:17 - 2015-12-02 21:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-24 00:17 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-24 00:16 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-24 00:15 - 2016-03-06 22:22 - 00001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2016-04-24 00:15 - 2016-03-06 13:39 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-04-24 00:15 - 2016-03-06 13:37 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif DrawPlus X6.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus Organizer.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus X7.lnk
2016-04-24 00:15 - 2015-12-17 16:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-24 00:15 - 2015-12-02 21:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002715 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Office-Dokument öffnen.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002631 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Neues Office-Dokument.lnk
2016-04-24 00:15 - 2015-08-05 13:05 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-24 00:14 - 2015-12-17 10:02 - 00001047 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-24 00:14 - 2015-12-02 21:35 - 00002409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-24 00:14 - 2015-11-16 16:32 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-24 00:14 - 2015-08-05 13:06 - 00001361 _____ C:\Users\Public\Desktop\CyberLink YouCam.lnk
2016-04-23 23:17 - 2015-12-02 17:07 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job
2016-04-23 23:06 - 2015-11-16 16:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-04-23 23:05 - 2015-11-08 15:46 - 00000000 ____D C:\KeePass2.29
2016-04-23 22:21 - 2016-03-04 04:35 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6C246B2-FD71-44F9-BCE6-EB4B4C5BE06A}
2016-04-22 22:41 - 2015-10-25 23:20 - 00000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPC.job
2016-04-22 20:57 - 2015-12-04 20:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\MediaMonkey
2016-04-22 13:17 - 2015-10-25 23:20 - 00003212 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPC
2016-04-22 12:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-22 11:20 - 2015-12-02 21:35 - 00000000 ___RD C:\Users\PC\OneDrive
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-22 09:16 - 2015-12-08 13:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\XnView
2016-04-22 04:01 - 2015-12-02 20:53 - 00000000 ____D C:\Users\PC
2016-04-21 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-21 12:38 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-21 12:29 - 2015-12-02 20:39 - 00463504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-20 19:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-20 19:30 - 2015-08-12 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-20 19:24 - 2015-08-12 21:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-20 18:43 - 2015-11-16 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-20 18:43 - 2015-11-16 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-20 18:35 - 2015-12-02 21:27 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 13:16 - 2016-03-05 06:36 - 00000000 ____D C:\Program Files (x86)\Lux3
2016-03-30 09:42 - 2016-03-08 23:00 - 00000000 ____D C:\ProgramData\eJay
2016-03-30 09:35 - 2016-03-08 16:04 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-03-30 09:35 - 2016-03-08 16:03 - 00000000 ____D C:\ProgramData\MAGIX
2016-03-28 17:02 - 2015-11-24 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-25 21:11 - 2015-12-02 21:27 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-25 21:11 - 2015-12-02 20:53 - 00000000 ____D C:\Users\Gast
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\Projects Series
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\PhotoBuzzer Projects 1
2016-03-25 21:10 - 2016-03-06 09:45 - 00000000 ____D C:\Users\PC\AppData\Local\Abelssoft
2016-03-25 21:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-25 17:57 - 2016-01-28 19:39 - 00143272 _____ C:\Users\PC\AppData\Roaming\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-05 13:56 - 2016-01-05 13:56 - 0000037 ___SH () C:\Users\PC\AppData\Local\70149b02515b3bb20dd492.47983420
2015-12-04 23:05 - 2015-12-04 23:05 - 0004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 17:49

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von PC (2016-04-24 00:51:25)
Gestartet von C:\Users\PC\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-02 19:27:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-261562712-3610274027-2406615811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-261562712-3610274027-2406615811-503 - Limited - Disabled)
Gast (S-1-5-21-261562712-3610274027-2406615811-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-261562712-3610274027-2406615811-1003 - Limited - Enabled)
PC (S-1-5-21-261562712-3610274027-2406615811-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 169 - Abelssoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.40 - Ashampoo GmbH & Co. KG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
COMPUTER BILD-App-Starter  (HKLM-x32\...\COMPUTER BILD-App-Starter) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
DC Toolkit Pro 2 Architekt (HKLM-x32\...\DC Toolkit Pro 2 Architekt_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Ingenieur (HKLM-x32\...\DC Toolkit Pro 2 Ingenieur_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Tischler (HKLM-x32\...\DC Toolkit Pro 2 Tischler_is1) (Version: 2.0.0 - Franzis Verlag)
DesignCAD 3D Max 23 (HKLM-x32\...\{01835371-C7CE-4307-A9F9-2DC37DA5293D}) (Version: 23.0.0 - IMSIDesign)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.173.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version:  - cerasus.media GmbH)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.8-r109999-release - Plays.tv, LLC)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6652 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.19-0 - Bitnami)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-261562712-3610274027-2406615811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CF7A3F-AAD8-4E61-B716-7DBF67C62160} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {083DC944-E27B-4EF0-BE3A-6A8B9CBFC6A6} - System32\Tasks\{DA10FA2B-437F-4571-A584-D0387598B2E1} => pcalua.exe -a E:\sp57434.exe -d E:\
Task: {09229287-FF30-48DB-9DE5-91E55E89E074} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0AB690DA-867C-4EDB-AA55-892133CDB826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1325C51C-5CC3-4DF3-B7C9-5B57E5123167} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1606EAEC-B83E-4107-9867-F338B4922033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1A2EBA06-C61F-4C4C-95E3-CA9BFE43FCBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1BBA0ECC-16DF-4F48-ACE3-DBC900C1FF77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1C9B5F6C-EF78-49FE-A751-3ADD6F983855} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {2489FFE5-74F6-4214-AA7B-3F91D7861FC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25F5691A-40A5-4C51-A023-5868C329C30B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {27DF7894-4511-41CB-A2B5-5782D30905AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EAC86C0-E1D1-4E10-B0BF-B6B3CEBDCA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {326554BD-203C-4386-B368-8D2C3C9B0C19} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3776E8F3-C578-4CFA-AA31-4ED66052B967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BA80EFA-741E-4339-B123-E5E776BB75DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA58688-DC7F-40F8-A2CA-8C14FDDA1AB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {429E8375-B79A-4594-BFE9-645B12E10D9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {4FB532F7-2023-406C-9928-0CE390D4F55D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {50876B6C-6ACA-4C96-AA98-CA8E6AE29AAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6047C20E-9A0E-4C77-A366-153386332B3F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {610E1FB8-3626-490B-BF08-4B5F06FB16DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {68B7518E-247D-4C6F-8B0F-5858D8752CBB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CEF1D55-4A8B-4FBA-A552-B579A87318E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {6E6CB22B-9331-4420-800D-2BBFC0CE0DBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {719553D7-525B-4057-B2DB-3413BF402FFF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7D4878E8-64E5-4602-8C07-E80A167323F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87DC8B2C-7C3D-4FB3-B5B2-9B7D0BBD1DA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9131E4CD-A123-4A88-9D6F-41526BC40D8D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {93E24D23-CE2B-456E-B406-7271860E1614} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9CD31E09-A1DB-4E96-8389-1F4D2214B707} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E41352D-BBCB-451F-BAAB-8E2C8D36A7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {A098E5AB-228A-4706-9DEF-9A4DA79C69D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A28CA1CA-59F5-4C86-BBDB-4B37A77BD2D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A63BC3DC-2DCD-49A1-96A3-52D760470BAD} - System32\Tasks\{1A69F63C-CDDF-4D93-B81E-E410515DEF76} => pcalua.exe -a E:\sp58586.exe -d E:\
Task: {AE4C289D-67A5-45C9-8CA5-992352EA3637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {B48D4983-B0E5-4D4E-A235-BEB39593EF3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9DC49B2-E0E9-499F-B205-75282CE82DFA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC242B0C-D8EE-444F-985C-9D04D42918DB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C05F19EE-BC80-40A9-9EF7-E06F2B1D967A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C3E1F0B3-F893-47FB-8A59-1C5075643228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C5C6C097-7861-4D38-B078-00A867236A95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CBE30283-25FE-45A5-8F6A-B216CD13B9D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {DAD51C36-66AE-4E6F-ACAB-BBBFBDA1A872} - System32\Tasks\{9B919B26-39B8-4BE5-B803-87BF06F53AF9} => pcalua.exe -a "C:\Program Files (x86)\The Truth About Ada\uninst.exe"
Task: {DD98E0DC-9376-483C-B0C8-18C77B221676} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {E6FEA7C8-0681-4A6B-A843-71A7DBA55CFB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E9EC0A49-42C0-4AD7-AC8D-58A442344C81} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {EAE19955-D12A-498C-A8DB-4ECD1198B3CD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EFD56A51-2461-43A1-9367-1AD7EF20178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {F006188E-B780-4AD8-895A-FBAA58B9F206} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {F1E47111-E947-45B1-B913-1D0BEA81AB80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F20956C5-4E2C-4C27-9CF2-9E3CA9110198} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7C65971-6182-48B7-8113-5FDDE08CB97C} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-04-20 18:31 - 2016-04-20 18:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-20 18:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 17:58 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-20 17:49 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-20 18:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-20 18:03 - 2016-04-02 05:00 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-04-20 18:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-20 18:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-03-10 10:55 - 2016-03-10 10:55 - 00051200 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-20 18:31 - 2016-04-20 18:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:8D09CB9B [338]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{07EFE3DE-0215-44F1-AE6F-5523FFC1F865}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [TCP Query User{816AD850-E45A-458C-80C9-2A97385C33B4}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{621E8B2D-022D-46EA-B996-EAF7D48603C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{184844D8-AA89-4531-91BD-293A9C52A133}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{37161028-A725-44BF-9C4E-0C75651C77A8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{73D83782-5CC4-4BE2-84FB-458D9DC6507E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{849DE0BB-B464-4764-BD9D-78F05127D667}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{891BF47F-5287-448F-B2F6-BACC43D63C68}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{C98CAAC0-1777-4D2D-9287-F90C1F1396B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B23AC914-A616-4BD9-AB3F-FF7DCED7AB83}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{17D3F124-A5FA-4D97-97A2-4127C32E65B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37CA90D8-31AC-4037-8833-E5DC7C4F7D6E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1D0086A4-00D4-447A-A68C-09E3421CE248}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B385AA1-3D7D-437D-8D44-3027E96A8565}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{5633C939-A601-40CB-96F0-ECC59F8F63B3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C9410077-61F7-415B-BDF8-CC4294E0B438}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C22D28AA-8C68-40EA-AFA4-90D9391D5031}] => (Allow) LPort=80
FirewallRules: [{174F6F07-C798-4548-8D51-FF9C864BCAD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

30-03-2016 13:11:06 Removed inSSIDer 3
20-04-2016 19:21:20 Windows Update
20-04-2016 19:23:08 Windows Update
22-04-2016 11:16:03 Removed inSSIDer 3
24-04-2016 00:35:31 JRT Pre-Junkware Removal
24-04-2016 00:35:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/24/2016 12:36:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/24/2016 12:35:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/24/2016 12:24:55 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 12:23:11 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 12:16:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0x86c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/24/2016 12:16:21 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2156) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(bt.cxx:1768): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/23/2016 11:16:19 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/23/2016 11:09:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0x85c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/23/2016 11:09:34 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2140) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/23/2016 09:25:28 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.


Systemfehler:
=============
Error: (04/24/2016 12:37:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Everything" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/24/2016 12:17:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/24/2016 12:17:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2016 12:16:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 12:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1c8de" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 12:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1c8de" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 12:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1c8de" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 12:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1c8de" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2016 11:10:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/23/2016 11:10:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


CodeIntegrity:
===================================
  Date: 2016-04-24 00:48:57.773
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.519
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.391
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.144
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:26.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:26.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:25.410
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:25.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3682.27 MB
Verfügbarer physikalischer RAM: 1906.21 MB
Summe virtueller Speicher: 7394.27 MB
Verfügbarer virtueller Speicher: 5212.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.07 GB) (Free:380.19 GB) NTFS
Drive d: (Assimil) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive e: (windows 10-Daten) (Fixed) (Total:58.59 GB) (Free:58.45 GB) NTFS
Drive f: (Elements) (Fixed) (Total:872.89 GB) (Free:462.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FB83FB5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CA8D065F)
Partition 1: (Not Active) - (Size=872.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Hier nun der Rest.
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 23.04.2016 23:21, SYSTEM, PC-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2016 23:21, SYSTEM, PC-PC, Protection, Malware Protection, Started,
Protection, 23.04.2016 23:21, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2016 23:21, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started,
Update, 23.04.2016 23:21, SYSTEM, PC-PC, Manual, Rootkit Database, 2016.2.8.1, 2016.4.17.1,
Update, 23.04.2016 23:21, SYSTEM, PC-PC, Manual, Remediation Database, 2016.2.12.1, 2016.4.19.1,
Update, 23.04.2016 23:21, SYSTEM, PC-PC, Manual, Domain Database, 2016.2.16.8, 2016.4.22.6,
Update, 23.04.2016 23:22, SYSTEM, PC-PC, Manual, IP Database, 2016.2.8.1, 2016.4.7.1,
Update, 23.04.2016 23:22, SYSTEM, PC-PC, Manual, Malware Database, 2016.2.16.6, 2016.4.23.7,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Refresh, Starting,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Refresh, Success,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2016 23:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started,

(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.5 (04.20.2016)
Operating System: Windows 10 Home x64
Ran by PC (Administrator) on 24.04.2016 at  0:35:47,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 3

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{64C9D46E-8F8B-4158-9780-A6581C7439B1} (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.04.2016 at  0:42:50,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[CODE][AdwCleaner Logfile:
Code:
# AdwCleaner v5.112 - Bericht erstellt am 23/04/2016 um 23:08:38
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-19.5 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Desktop\AdwCleaner_5.112 (1).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d19tqk5t6qcjac.cloudfront.net_0.localstorage
[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal
[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage
[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.eshopcomp.com_0.localstorage-journal
[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage
[-] Datei gelöscht : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_utop.it_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5035 Bytes] - [22/04/2016 12:40:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2249 Bytes] - [22/04/2016 12:51:01]
C:\AdwCleaner\AdwCleaner[C3].txt - [1850 Bytes] - [23/04/2016 23:08:38]
C:\AdwCleaner\AdwCleaner[S1].txt - [4750 Bytes] - [22/04/2016 12:35:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [2028 Bytes] - [22/04/2016 12:47:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1894 Bytes] - [23/04/2016 22:58:48]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2142 Bytes] ##########
--- --- ---
/CODE]

Gruß Monstera

M-K-D-B 24.04.2016 15:07
Servus,


1.
Du hast AdwCleaner nicht so ausgeführt wie ich geschrieben habe (Stichwort "Optionen" auswählen).

2.
Du hast die falsche Logdatei von MBAM gepostet. Ich will die Logdatei des Suchlaufs sehen, nicht der Echtzeitüberwachung.


AdwCleaner nochmal, MBAM Log posten, danach nochmal FRST wie beschrieben...

Monstera 24.04.2016 19:03
Servus,
sorry meine Fehler aber ich liege im Krankenhaus mit einem Lungentumor, da schweifen die Gedanken manchmal ab.
Ich hoffe das es jetzt richtig ist.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von PC (Administrator) auf PC-PC (24-04-2016 19:46:22)
Gestartet von C:\Users\PC\Desktop
Geladene Profile: PC (Verfügbare Profile: PC & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Dominik Reichl) C:\KeePass2.29\KeePass.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes) C:\Users\PC\Desktop\Matthias1\Malwarebytes Anti-Malware\mbam.exe
(Farbar) C:\Users\PC\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-03] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-03] (Raptr, Inc)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [AntiBrowserSpy - BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [816640 2016-01-08] ()
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {8d0e7b99-e9a4-11e5-b6ff-20689d1e57b6} - "G:\autorun.exe"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {9e81865e-3b60-11e5-88d7-806e6f6e6963} - "D:\start.exe"
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-11-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-04-24]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1f20a2f8-5f46-48e6-b412-693bd924926d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6dc7b702-0c45-4de1-a402-3cc3d6fa48c0}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{c4506c39-3486-446e-aa19-5eac0360af24}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{fd1e8feb-c8f3-4d2a-ac61-a21c3b3c1abc}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {C1EE5DD0-D6CE-4591-AC55-509365F26D03} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {E71A49A3-7DFF-4CFD-801F-79BA30EDA49B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpC3YnA3AqAE..&v=20160323&uid=A7608D7CBCBC8C550A10284618D43029&ptid=cos1&mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-05]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-04-22]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google-Suche) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Tabellen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (Ad.Block Plus+) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopfmfbdadhahnjfgcbfcflmnlgpgggg [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Google Mail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-03-06] (Adobe Systems) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-03] (Plays.tv, LLC)
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-19] (LULU Software Limited)
S2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-19] (LULU Software Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 MBAMScheduler; "C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamservice.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-08-28] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 DfSdkS; kein ImagePath
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 19:46 - 2016-04-24 19:47 - 00016740 _____ C:\Users\PC\Desktop\FRST.txt
2016-04-24 19:44 - 2016-04-24 19:44 - 00001187 _____ C:\Users\PC\Desktop\mbam.txt
2016-04-24 18:11 - 2016-04-24 18:12 - 00001567 _____ C:\Users\PC\Desktop\AdwCleaner[C4].txt
2016-04-24 02:13 - 2016-04-24 02:15 - 00000000 ____D C:\Users\PC\Desktop\Matthias1
2016-04-24 00:46 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Desktop\FRST64 (1).exe
2016-04-24 00:45 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64 (1).exe
2016-04-24 00:34 - 2016-04-24 00:34 - 01610008 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2016-04-24 00:33 - 2016-04-24 00:33 - 01610008 _____ (Malwarebytes) C:\Users\PC\Downloads\JRT.exe
2016-04-23 23:21 - 2016-04-24 19:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 23:20 - 2016-04-24 00:14 - 00000873 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 23:20 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-23 23:16 - 2016-04-23 23:17 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-23 23:14 - 2016-04-23 23:18 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-23 22:55 - 2016-04-23 22:56 - 03683904 _____ C:\Users\PC\Desktop\AdwCleaner_5.112 (1).exe
2016-04-23 22:12 - 2016-04-24 00:14 - 00001469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snipping Tool Plus.lnk
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Local\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\ProgramData\www.rene-zeidler.de
2016-04-23 22:08 - 2016-04-23 22:09 - 00000000 ____D C:\Users\PC\Downloads\SnippingToolPlusv3-4-1-0
2016-04-23 01:32 - 2016-04-23 01:32 - 00000000 ____D C:\Users\PC\Desktop\Matthias
2016-04-22 23:32 - 2016-04-22 23:36 - 00264124 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.32.14_log.txt
2016-04-22 23:27 - 2016-04-22 23:30 - 00264222 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.27.57_log.txt
2016-04-22 23:26 - 2016-04-22 23:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\PC\Downloads\tdsskiller.exe
2016-04-22 23:19 - 2016-04-22 23:22 - 00041239 _____ C:\Users\PC\Downloads\Addition.txt
2016-04-22 23:16 - 2016-04-24 19:46 - 00000000 ____D C:\FRST
2016-04-22 23:16 - 2016-04-22 23:22 - 00060816 _____ C:\Users\PC\Downloads\FRST.txt
2016-04-22 23:15 - 2016-04-22 23:16 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2016-04-22 18:25 - 2016-04-23 21:51 - 00033280 _____ C:\Users\PC\Documents\Test-Moni.xls
2016-04-22 12:34 - 2016-04-24 18:08 - 00000000 ____D C:\AdwCleaner
2016-04-22 12:34 - 2016-04-22 12:34 - 03683904 _____ C:\Users\PC\Downloads\AdwCleaner_5.112.exe
2016-04-22 11:17 - 2016-04-22 11:18 - 00000000 ____D C:\Users\PC\Desktop\Spiele
2016-04-22 11:10 - 2016-04-22 11:11 - 00000000 ____D C:\Users\PC\Desktop\Konstruktionsapp
2016-04-22 08:21 - 2016-04-24 19:34 - 00000000 ____D C:\Users\PC\AppData\Roaming\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Program Files\Everything
2016-04-20 18:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-20 18:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-20 18:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-20 18:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-20 18:07 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-20 18:07 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-20 18:07 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-20 18:07 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-20 18:07 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-20 18:07 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-20 18:06 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-20 18:06 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-20 18:06 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-20 18:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-20 18:06 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-20 18:06 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-20 18:06 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-20 18:05 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-20 18:05 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-20 18:05 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-20 18:05 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-20 18:05 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-20 18:05 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-20 18:05 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-20 18:05 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-20 18:05 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-20 18:05 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-20 18:05 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-20 18:05 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-20 18:05 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-20 18:05 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-20 18:05 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-20 18:04 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-20 18:04 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-20 18:04 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-20 18:04 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-20 18:04 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-20 18:04 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-20 18:04 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-20 18:04 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-20 18:04 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-20 18:04 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-20 18:04 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-20 18:04 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-20 18:04 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-20 18:04 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-20 18:04 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-20 18:04 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-20 18:04 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-20 18:04 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-20 18:04 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-20 18:04 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-20 18:04 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-20 18:04 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-20 18:04 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-20 18:04 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-20 18:04 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-20 18:04 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-20 18:04 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-20 18:04 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-20 18:04 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-20 18:04 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-20 18:04 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-20 18:04 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-20 18:04 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-20 18:03 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-20 18:03 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-20 18:03 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-20 18:03 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-20 18:03 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-20 18:03 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-20 18:03 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-20 18:03 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-20 18:03 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-20 18:03 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-20 18:03 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-20 18:03 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-20 18:03 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-20 18:03 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-20 18:03 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-20 18:03 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-20 18:03 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-20 18:03 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-20 18:03 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-20 18:03 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-20 18:03 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-20 18:03 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-20 18:03 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-20 18:03 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-20 18:03 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-20 18:03 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-20 18:03 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-20 18:03 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-20 18:03 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-20 18:02 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-20 18:02 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-20 18:02 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-20 18:02 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-20 18:02 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-20 18:02 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-20 18:02 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-20 18:02 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-20 18:02 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-20 18:02 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-20 18:02 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-20 18:02 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-20 18:02 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-20 18:02 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-20 18:02 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-20 18:02 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-20 18:02 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-20 18:02 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-20 18:02 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-20 18:02 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-20 18:02 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-20 18:02 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-20 18:02 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-20 18:02 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-20 18:02 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-20 18:02 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-20 18:02 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-20 18:02 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-20 18:01 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-20 18:01 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-20 18:01 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-20 18:01 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-20 18:01 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-20 18:01 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-20 18:01 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-20 18:01 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-20 18:01 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-20 18:01 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-20 18:01 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-20 18:01 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-20 18:01 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-20 18:01 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-20 18:01 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-20 18:01 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:01 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-20 18:01 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-20 18:01 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-20 18:01 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-20 18:01 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-20 18:01 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-20 18:01 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-20 18:00 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-20 18:00 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-20 18:00 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-20 18:00 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-20 18:00 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-20 18:00 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-20 18:00 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-20 18:00 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-20 18:00 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-20 18:00 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-20 18:00 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-20 18:00 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-20 18:00 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-20 18:00 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-20 18:00 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-20 18:00 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-20 17:59 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-20 17:59 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-20 17:59 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-20 17:59 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-20 17:59 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-20 17:59 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-20 17:59 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-20 17:57 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-20 17:56 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-20 17:56 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-20 17:56 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-20 17:55 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-20 17:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-20 17:49 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-20 16:31 - 2016-04-20 16:31 - 00055041 ___RT C:\Users\PC\Documents\Projektplan_Berliner Stadtmission.xlsx
2016-03-30 13:13 - 2016-04-22 11:12 - 00000000 ___RD C:\Users\PC\Desktop\Musikabspielpro
2016-03-30 13:08 - 2016-04-23 01:31 - 00000000 ____D C:\Users\PC\Desktop\Wartung
2016-03-30 13:07 - 2016-03-30 13:09 - 00000000 ____D C:\Users\PC\Desktop\Bilderbearbeitung
2016-03-28 17:22 - 2016-03-28 17:22 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2016-03-28 17:21 - 2016-03-28 17:22 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (2).exe
2016-03-28 16:58 - 2016-03-28 17:21 - 54887136 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows-KB890830-V5.34.exe
2016-03-28 16:58 - 2016-03-28 17:06 - 373578968 _____ (Microsoft Corporation) C:\Users\PC\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2016-03-28 16:58 - 2016-03-28 17:01 - 39074536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters.exe
2016-03-28 16:41 - 2016-03-28 16:41 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-03-28 16:37 - 2016-03-28 16:38 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (1).exe
2016-03-28 16:37 - 2016-03-28 16:37 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4.exe
2016-03-27 12:28 - 2016-03-27 12:37 - 02869760 _____ C:\Users\PC\Downloads\lottozahlen_archiv (1).xls
2016-03-27 10:54 - 2016-03-27 10:55 - 00987728 _____ (Google Inc.) C:\Users\PC\Downloads\ChromeSetup.exe
2016-03-26 08:57 - 2016-03-26 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2016-03-26 08:56 - 2016-03-26 08:57 - 00000000 ____D C:\Program Files (x86)\Hex-Editor MX
2016-03-26 08:55 - 2016-03-26 08:55 - 00860736 _____ C:\Users\PC\Downloads\hexedit602.zip
2016-03-25 20:30 - 2016-03-25 20:30 - 00000000 ____D C:\Users\PC\AppData\Roaming\dlg
2016-03-25 20:26 - 2016-03-25 21:10 - 00000000 ____D C:\Program Files\fe1920a152aa161f127ed1ed733a8acb
2016-03-25 20:26 - 2016-03-25 20:26 - 00000000 ____D C:\extensions
2016-03-25 20:25 - 2016-03-25 20:26 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-25 19:59 - 2016-03-25 19:59 - 00015428 _____ C:\Users\PC\RefEdit.exd
2016-03-25 19:59 - 2016-03-25 19:59 - 00011776 _____ C:\Users\PC\Downloads\Winkel.xls

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-24 19:43 - 2015-12-02 20:52 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-24 19:43 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-24 19:43 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-24 19:43 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-24 19:36 - 2015-12-02 17:07 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job
2016-04-24 19:35 - 2015-12-02 21:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-24 19:34 - 2015-11-08 15:46 - 00000000 ____D C:\KeePass2.29
2016-04-24 19:34 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-24 19:17 - 2015-12-02 17:07 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job
2016-04-24 18:58 - 2015-11-16 16:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-04-24 17:10 - 2016-03-04 04:35 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6C246B2-FD71-44F9-BCE6-EB4B4C5BE06A}
2016-04-24 13:01 - 2015-12-04 20:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\MediaMonkey
2016-04-24 00:17 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-24 00:15 - 2016-03-06 22:22 - 00001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2016-04-24 00:15 - 2016-03-06 13:39 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-04-24 00:15 - 2016-03-06 13:37 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif DrawPlus X6.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus Organizer.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus X7.lnk
2016-04-24 00:15 - 2015-12-17 16:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-24 00:15 - 2015-12-02 21:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002715 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Office-Dokument öffnen.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002631 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Neues Office-Dokument.lnk
2016-04-24 00:15 - 2015-08-05 13:05 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-24 00:14 - 2015-12-17 10:02 - 00001047 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-24 00:14 - 2015-12-02 21:35 - 00002409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-24 00:14 - 2015-11-16 16:32 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-24 00:14 - 2015-08-05 13:06 - 00001361 _____ C:\Users\Public\Desktop\CyberLink YouCam.lnk
2016-04-22 22:41 - 2015-10-25 23:20 - 00000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPC.job
2016-04-22 13:17 - 2015-10-25 23:20 - 00003212 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPC
2016-04-22 12:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-22 11:20 - 2015-12-02 21:35 - 00000000 ___RD C:\Users\PC\OneDrive
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-22 09:16 - 2015-12-08 13:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\XnView
2016-04-22 04:01 - 2015-12-02 20:53 - 00000000 ____D C:\Users\PC
2016-04-21 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-21 12:38 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-21 12:29 - 2015-12-02 20:39 - 00463504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-20 19:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-20 19:30 - 2015-08-12 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-20 19:24 - 2015-08-12 21:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-20 18:43 - 2015-11-16 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-20 18:43 - 2015-11-16 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-20 18:35 - 2015-12-02 21:27 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 13:16 - 2016-03-05 06:36 - 00000000 ____D C:\Program Files (x86)\Lux3
2016-03-30 09:42 - 2016-03-08 23:00 - 00000000 ____D C:\ProgramData\eJay
2016-03-30 09:35 - 2016-03-08 16:04 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-03-30 09:35 - 2016-03-08 16:03 - 00000000 ____D C:\ProgramData\MAGIX
2016-03-28 17:02 - 2015-11-24 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-25 21:11 - 2015-12-02 21:27 - 00000000 ____D C:\Users\DefaultAppPool
2016-03-25 21:11 - 2015-12-02 20:53 - 00000000 ____D C:\Users\Gast
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-25 21:11 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\Projects Series
2016-03-25 21:10 - 2016-03-06 13:10 - 00000000 ____D C:\Users\PC\PhotoBuzzer Projects 1
2016-03-25 21:10 - 2016-03-06 09:45 - 00000000 ____D C:\Users\PC\AppData\Local\Abelssoft
2016-03-25 21:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-25 17:57 - 2016-01-28 19:39 - 00143272 _____ C:\Users\PC\AppData\Roaming\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-05 13:56 - 2016-01-05 13:56 - 0000037 ___SH () C:\Users\PC\AppData\Local\70149b02515b3bb20dd492.47983420
2015-12-04 23:05 - 2015-12-04 23:05 - 0004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 17:49

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von PC (2016-04-24 19:50:23)
Gestartet von C:\Users\PC\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-02 19:27:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-261562712-3610274027-2406615811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-261562712-3610274027-2406615811-503 - Limited - Disabled)
Gast (S-1-5-21-261562712-3610274027-2406615811-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-261562712-3610274027-2406615811-1003 - Limited - Enabled)
PC (S-1-5-21-261562712-3610274027-2406615811-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 169 - Abelssoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.40 - Ashampoo GmbH & Co. KG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
COMPUTER BILD-App-Starter  (HKLM-x32\...\COMPUTER BILD-App-Starter) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
DC Toolkit Pro 2 Architekt (HKLM-x32\...\DC Toolkit Pro 2 Architekt_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Ingenieur (HKLM-x32\...\DC Toolkit Pro 2 Ingenieur_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Tischler (HKLM-x32\...\DC Toolkit Pro 2 Tischler_is1) (Version: 2.0.0 - Franzis Verlag)
DesignCAD 3D Max 23 (HKLM-x32\...\{01835371-C7CE-4307-A9F9-2DC37DA5293D}) (Version: 23.0.0 - IMSIDesign)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.173.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version:  - cerasus.media GmbH)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.8-r109999-release - Plays.tv, LLC)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6652 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.19-0 - Bitnami)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-261562712-3610274027-2406615811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CF7A3F-AAD8-4E61-B716-7DBF67C62160} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {083DC944-E27B-4EF0-BE3A-6A8B9CBFC6A6} - System32\Tasks\{DA10FA2B-437F-4571-A584-D0387598B2E1} => pcalua.exe -a E:\sp57434.exe -d E:\
Task: {09229287-FF30-48DB-9DE5-91E55E89E074} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0AB690DA-867C-4EDB-AA55-892133CDB826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1325C51C-5CC3-4DF3-B7C9-5B57E5123167} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1606EAEC-B83E-4107-9867-F338B4922033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1A2EBA06-C61F-4C4C-95E3-CA9BFE43FCBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1BBA0ECC-16DF-4F48-ACE3-DBC900C1FF77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1C9B5F6C-EF78-49FE-A751-3ADD6F983855} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {2489FFE5-74F6-4214-AA7B-3F91D7861FC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25F5691A-40A5-4C51-A023-5868C329C30B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {27DF7894-4511-41CB-A2B5-5782D30905AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EAC86C0-E1D1-4E10-B0BF-B6B3CEBDCA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {326554BD-203C-4386-B368-8D2C3C9B0C19} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3776E8F3-C578-4CFA-AA31-4ED66052B967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BA80EFA-741E-4339-B123-E5E776BB75DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA58688-DC7F-40F8-A2CA-8C14FDDA1AB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {429E8375-B79A-4594-BFE9-645B12E10D9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {4FB532F7-2023-406C-9928-0CE390D4F55D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {50876B6C-6ACA-4C96-AA98-CA8E6AE29AAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6047C20E-9A0E-4C77-A366-153386332B3F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {610E1FB8-3626-490B-BF08-4B5F06FB16DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {68B7518E-247D-4C6F-8B0F-5858D8752CBB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CEF1D55-4A8B-4FBA-A552-B579A87318E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {6E6CB22B-9331-4420-800D-2BBFC0CE0DBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {719553D7-525B-4057-B2DB-3413BF402FFF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {74C4BE09-32EC-4237-82B4-CDDCBEEADFF7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {7D4878E8-64E5-4602-8C07-E80A167323F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87DC8B2C-7C3D-4FB3-B5B2-9B7D0BBD1DA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9131E4CD-A123-4A88-9D6F-41526BC40D8D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {93E24D23-CE2B-456E-B406-7271860E1614} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9CD31E09-A1DB-4E96-8389-1F4D2214B707} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E41352D-BBCB-451F-BAAB-8E2C8D36A7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {A098E5AB-228A-4706-9DEF-9A4DA79C69D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A28CA1CA-59F5-4C86-BBDB-4B37A77BD2D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A63BC3DC-2DCD-49A1-96A3-52D760470BAD} - System32\Tasks\{1A69F63C-CDDF-4D93-B81E-E410515DEF76} => pcalua.exe -a E:\sp58586.exe -d E:\
Task: {AE4C289D-67A5-45C9-8CA5-992352EA3637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {B48D4983-B0E5-4D4E-A235-BEB39593EF3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9DC49B2-E0E9-499F-B205-75282CE82DFA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC242B0C-D8EE-444F-985C-9D04D42918DB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C05F19EE-BC80-40A9-9EF7-E06F2B1D967A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C3E1F0B3-F893-47FB-8A59-1C5075643228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C5C6C097-7861-4D38-B078-00A867236A95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CBE30283-25FE-45A5-8F6A-B216CD13B9D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {DAD51C36-66AE-4E6F-ACAB-BBBFBDA1A872} - System32\Tasks\{9B919B26-39B8-4BE5-B803-87BF06F53AF9} => pcalua.exe -a "C:\Program Files (x86)\The Truth About Ada\uninst.exe"
Task: {DD98E0DC-9376-483C-B0C8-18C77B221676} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {E6FEA7C8-0681-4A6B-A843-71A7DBA55CFB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E9EC0A49-42C0-4AD7-AC8D-58A442344C81} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {EAE19955-D12A-498C-A8DB-4ECD1198B3CD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EFD56A51-2461-43A1-9367-1AD7EF20178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {F1E47111-E947-45B1-B913-1D0BEA81AB80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F20956C5-4E2C-4C27-9CF2-9E3CA9110198} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7C65971-6182-48B7-8113-5FDDE08CB97C} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-04-22 08:21 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2016-04-20 18:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2015-12-18 17:58 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-20 17:49 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-20 18:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-20 18:03 - 2016-04-02 05:00 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-04-20 18:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-20 18:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2016-03-06 09:45 - 2016-01-08 14:31 - 00816640 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2016-04-21 13:24 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:8D09CB9B [338]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{07EFE3DE-0215-44F1-AE6F-5523FFC1F865}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [TCP Query User{816AD850-E45A-458C-80C9-2A97385C33B4}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{621E8B2D-022D-46EA-B996-EAF7D48603C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{184844D8-AA89-4531-91BD-293A9C52A133}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{37161028-A725-44BF-9C4E-0C75651C77A8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{73D83782-5CC4-4BE2-84FB-458D9DC6507E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{849DE0BB-B464-4764-BD9D-78F05127D667}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{891BF47F-5287-448F-B2F6-BACC43D63C68}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{C98CAAC0-1777-4D2D-9287-F90C1F1396B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B23AC914-A616-4BD9-AB3F-FF7DCED7AB83}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{17D3F124-A5FA-4D97-97A2-4127C32E65B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37CA90D8-31AC-4037-8833-E5DC7C4F7D6E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1D0086A4-00D4-447A-A68C-09E3421CE248}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B385AA1-3D7D-437D-8D44-3027E96A8565}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{5633C939-A601-40CB-96F0-ECC59F8F63B3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C9410077-61F7-415B-BDF8-CC4294E0B438}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C22D28AA-8C68-40EA-AFA4-90D9391D5031}] => (Allow) LPort=80
FirewallRules: [{174F6F07-C798-4548-8D51-FF9C864BCAD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

30-03-2016 13:11:06 Removed inSSIDer 3
20-04-2016 19:21:20 Windows Update
20-04-2016 19:23:08 Windows Update
22-04-2016 11:16:03 Removed inSSIDer 3
24-04-2016 00:35:31 JRT Pre-Junkware Removal
24-04-2016 00:35:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/24/2016 07:42:01 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 06:15:41 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 12:22:23 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 02:19:50 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 02:17:10 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 02:14:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 0.0.0.0, Zeitstempel: 0x56bd3616
Name des fehlerhaften Moduls: mbamservice.exe, Version: 0.0.0.0, Zeitstempel: 0x56bd3616
Ausnahmecode: 0x40000015
Fehleroffset: 0x000ad2a6
ID des fehlerhaften Prozesses: 0xbc8
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3
Vollständiger Name des fehlerhaften Pakets: mbamservice.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbamservice.exe5

Error: (04/24/2016 12:36:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/24/2016 12:35:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/24/2016 12:24:55 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/24/2016 12:23:11 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.


Systemfehler:
=============
Error: (04/24/2016 07:39:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2016 07:39:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2016 07:39:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2016 07:36:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/24/2016 07:36:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/24/2016 07:36:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2016 07:35:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/24/2016 07:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1ca3f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 07:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1ca3f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/24/2016 07:34:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1ca3f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-04-24 00:48:57.773
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.519
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.391
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-24 00:48:57.144
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:26.695
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:26.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:25.410
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-23 22:09:25.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3682.27 MB
Verfügbarer physikalischer RAM: 1899.44 MB
Summe virtueller Speicher: 7394.27 MB
Verfügbarer virtueller Speicher: 5409.35 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.07 GB) (Free:379.73 GB) NTFS
Drive d: (Assimil) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive e: (windows 10-Daten) (Fixed) (Total:58.59 GB) (Free:58.45 GB) NTFS
Drive f: (Elements) (Fixed) (Total:872.89 GB) (Free:462.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FB83FB5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CA8D065F)
Partition 1: (Not Active) - (Size=872.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 24.04.2016
Suchlaufzeit: 18:20
Protokolldatei: mbam1.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.24.05
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Testversion
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: PC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 449498
Abgelaufene Zeit: 45 Min., 17 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
# AdwCleaner v5.112 - Bericht erstellt am 24/04/2016 um 18:08:31
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-24.2 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Desktop\AdwCleaner_5.112 (1).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5035 Bytes] - [22/04/2016 12:40:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2249 Bytes] - [22/04/2016 12:51:01]
C:\AdwCleaner\AdwCleaner[C3].txt - [2221 Bytes] - [23/04/2016 23:08:38]
C:\AdwCleaner\AdwCleaner[C4].txt - [1120 Bytes] - [24/04/2016 18:08:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [4750 Bytes] - [22/04/2016 12:35:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [2028 Bytes] - [22/04/2016 12:47:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1894 Bytes] - [23/04/2016 22:58:48]
C:\AdwCleaner\AdwCleaner[S4].txt - [1234 Bytes] - [24/04/2016 18:04:47]

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [1485 Bytes] ##########




Gruß Monstera

M-K-D-B 25.04.2016 15:42
Servus,


tut mir wirklich Leid, das zu hören. Ich wünsche dir alles Gute.


Die "Chrome Einstellungen" müssen wir noch zurücksetzen, da sitzt hartnäckig die Adware drinnen.


Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Chrome Einstellungen zurücksetzen
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die beiden neuen Logdateien von FRST.

Monstera 26.04.2016 11:14
Habe ich erledigt , hier die geforderten Dateien

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von PC (2016-04-26 12:03:19)
Gestartet von C:\Users\PC\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-02 19:27:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-261562712-3610274027-2406615811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-261562712-3610274027-2406615811-503 - Limited - Disabled)
Gast (S-1-5-21-261562712-3610274027-2406615811-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-261562712-3610274027-2406615811-1003 - Limited - Enabled)
PC (S-1-5-21-261562712-3610274027-2406615811-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 169 - Abelssoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.40 - Ashampoo GmbH & Co. KG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
COMPUTER BILD-App-Starter  (HKLM-x32\...\COMPUTER BILD-App-Starter) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
DC Toolkit Pro 2 Architekt (HKLM-x32\...\DC Toolkit Pro 2 Architekt_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Ingenieur (HKLM-x32\...\DC Toolkit Pro 2 Ingenieur_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Tischler (HKLM-x32\...\DC Toolkit Pro 2 Tischler_is1) (Version: 2.0.0 - Franzis Verlag)
DesignCAD 3D Max 23 (HKLM-x32\...\{01835371-C7CE-4307-A9F9-2DC37DA5293D}) (Version: 23.0.0 - IMSIDesign)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.173.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version:  - cerasus.media GmbH)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.8-r109999-release - Plays.tv, LLC)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6652 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.19-0 - Bitnami)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-261562712-3610274027-2406615811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CF7A3F-AAD8-4E61-B716-7DBF67C62160} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {083DC944-E27B-4EF0-BE3A-6A8B9CBFC6A6} - System32\Tasks\{DA10FA2B-437F-4571-A584-D0387598B2E1} => pcalua.exe -a E:\sp57434.exe -d E:\
Task: {09229287-FF30-48DB-9DE5-91E55E89E074} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0AB690DA-867C-4EDB-AA55-892133CDB826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1325C51C-5CC3-4DF3-B7C9-5B57E5123167} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1606EAEC-B83E-4107-9867-F338B4922033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1A2EBA06-C61F-4C4C-95E3-CA9BFE43FCBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1BBA0ECC-16DF-4F48-ACE3-DBC900C1FF77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1C9B5F6C-EF78-49FE-A751-3ADD6F983855} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {2489FFE5-74F6-4214-AA7B-3F91D7861FC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25F5691A-40A5-4C51-A023-5868C329C30B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {27DF7894-4511-41CB-A2B5-5782D30905AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EAC86C0-E1D1-4E10-B0BF-B6B3CEBDCA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {326554BD-203C-4386-B368-8D2C3C9B0C19} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3776E8F3-C578-4CFA-AA31-4ED66052B967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BA80EFA-741E-4339-B123-E5E776BB75DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA58688-DC7F-40F8-A2CA-8C14FDDA1AB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {429E8375-B79A-4594-BFE9-645B12E10D9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {4FB532F7-2023-406C-9928-0CE390D4F55D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {50876B6C-6ACA-4C96-AA98-CA8E6AE29AAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {58E813EE-8224-4914-AA68-F14F5A02CF53} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6047C20E-9A0E-4C77-A366-153386332B3F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {610E1FB8-3626-490B-BF08-4B5F06FB16DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {68B7518E-247D-4C6F-8B0F-5858D8752CBB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CEF1D55-4A8B-4FBA-A552-B579A87318E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {6E6CB22B-9331-4420-800D-2BBFC0CE0DBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {719553D7-525B-4057-B2DB-3413BF402FFF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7D4878E8-64E5-4602-8C07-E80A167323F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87DC8B2C-7C3D-4FB3-B5B2-9B7D0BBD1DA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9131E4CD-A123-4A88-9D6F-41526BC40D8D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {93E24D23-CE2B-456E-B406-7271860E1614} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9CD31E09-A1DB-4E96-8389-1F4D2214B707} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E41352D-BBCB-451F-BAAB-8E2C8D36A7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {A098E5AB-228A-4706-9DEF-9A4DA79C69D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A28CA1CA-59F5-4C86-BBDB-4B37A77BD2D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A63BC3DC-2DCD-49A1-96A3-52D760470BAD} - System32\Tasks\{1A69F63C-CDDF-4D93-B81E-E410515DEF76} => pcalua.exe -a E:\sp58586.exe -d E:\
Task: {AC471F45-FA8D-4B45-8D93-9CCCB309F1F3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {AE4C289D-67A5-45C9-8CA5-992352EA3637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {B48D4983-B0E5-4D4E-A235-BEB39593EF3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9DC49B2-E0E9-499F-B205-75282CE82DFA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC242B0C-D8EE-444F-985C-9D04D42918DB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C05F19EE-BC80-40A9-9EF7-E06F2B1D967A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C3E1F0B3-F893-47FB-8A59-1C5075643228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C5C6C097-7861-4D38-B078-00A867236A95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CBE30283-25FE-45A5-8F6A-B216CD13B9D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {DAD51C36-66AE-4E6F-ACAB-BBBFBDA1A872} - System32\Tasks\{9B919B26-39B8-4BE5-B803-87BF06F53AF9} => pcalua.exe -a "C:\Program Files (x86)\The Truth About Ada\uninst.exe"
Task: {DD98E0DC-9376-483C-B0C8-18C77B221676} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {E26E4069-8343-45CF-88A2-6EFA9B63B3DF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {E6FEA7C8-0681-4A6B-A843-71A7DBA55CFB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E9EC0A49-42C0-4AD7-AC8D-58A442344C81} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {EAE19955-D12A-498C-A8DB-4ECD1198B3CD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EFD56A51-2461-43A1-9367-1AD7EF20178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {F1E47111-E947-45B1-B913-1D0BEA81AB80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F20956C5-4E2C-4C27-9CF2-9E3CA9110198} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7C65971-6182-48B7-8113-5FDDE08CB97C} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-04-22 08:21 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00345336 _____ () C:\Program Files\OO Software\DiskImage\oodishrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2016-04-20 18:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 17:58 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-20 17:49 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-20 18:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-20 18:03 - 2016-04-02 05:00 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-04-20 18:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-20 18:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2016-03-06 09:45 - 2016-01-08 14:31 - 00816640 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2016-04-20 18:31 - 2016-04-20 18:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-21 13:24 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-21 13:24 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-26 11:11 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-26 11:12 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-04-26 11:12 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-26 11:12 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-26 11:11 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-26 11:11 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-26 11:11 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-26 11:11 - 2016-04-08 20:19 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-26 11:11 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-26 11:12 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-26 11:12 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-26 11:12 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-26 11:11 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-26 11:11 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-04-26 11:12 - 2016-04-08 20:20 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-26 11:12 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-20 18:31 - 2016-04-20 18:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-20 18:31 - 2016-04-20 18:32 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:8D09CB9B [338]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{07EFE3DE-0215-44F1-AE6F-5523FFC1F865}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [TCP Query User{816AD850-E45A-458C-80C9-2A97385C33B4}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{621E8B2D-022D-46EA-B996-EAF7D48603C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{184844D8-AA89-4531-91BD-293A9C52A133}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{37161028-A725-44BF-9C4E-0C75651C77A8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{73D83782-5CC4-4BE2-84FB-458D9DC6507E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{849DE0BB-B464-4764-BD9D-78F05127D667}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{891BF47F-5287-448F-B2F6-BACC43D63C68}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{C98CAAC0-1777-4D2D-9287-F90C1F1396B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B23AC914-A616-4BD9-AB3F-FF7DCED7AB83}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{17D3F124-A5FA-4D97-97A2-4127C32E65B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37CA90D8-31AC-4037-8833-E5DC7C4F7D6E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1D0086A4-00D4-447A-A68C-09E3421CE248}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B385AA1-3D7D-437D-8D44-3027E96A8565}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{5633C939-A601-40CB-96F0-ECC59F8F63B3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C9410077-61F7-415B-BDF8-CC4294E0B438}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C22D28AA-8C68-40EA-AFA4-90D9391D5031}] => (Allow) LPort=80
FirewallRules: [{174F6F07-C798-4548-8D51-FF9C864BCAD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{65BA0E3C-6C76-4473-8125-30BC7DCEEC47}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

30-03-2016 13:11:06 Removed inSSIDer 3
20-04-2016 19:21:20 Windows Update
20-04-2016 19:23:08 Windows Update
22-04-2016 11:16:03 Removed inSSIDer 3
24-04-2016 00:35:31 JRT Pre-Junkware Removal
24-04-2016 00:35:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/26/2016 12:01:21 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 11:58:19 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 05:50:26 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 05:40:58 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 05:39:45 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 01:12:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xc80
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/26/2016 01:12:53 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (3200) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1601(dir.cxx:753): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/25/2016 05:04:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EXCEL.EXE, Version 10.0.2614.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1a04

Startzeit: 01d19f039a09e222

Beendigungszeit: 50

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE

Berichts-ID: eee84045-0af6-11e6-b720-20689d1e57b6

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/25/2016 06:56:48 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/25/2016 06:53:35 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.


Systemfehler:
=============
Error: (04/26/2016 11:53:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/26/2016 11:53:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/26/2016 11:53:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/26/2016 11:53:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/26/2016 11:51:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1ce53" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/26/2016 11:51:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1ce53" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/26/2016 11:51:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1ce53" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/26/2016 11:51:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1ce53" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/26/2016 05:45:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/26/2016 05:45:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


CodeIntegrity:
===================================
  Date: 2016-04-26 11:44:18.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.656
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.542
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.287
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 09:17:26.737
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 09:17:26.626
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 09:17:26.330
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 09:17:26.128
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3682.27 MB
Verfügbarer physikalischer RAM: 1847.79 MB
Summe virtueller Speicher: 7394.27 MB
Verfügbarer virtueller Speicher: 5449.07 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.07 GB) (Free:379.22 GB) NTFS
Drive d: (Assimil) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive e: (windows 10-Daten) (Fixed) (Total:58.59 GB) (Free:58.45 GB) NTFS
Drive f: (Elements) (Fixed) (Total:872.89 GB) (Free:462.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FB83FB5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CA8D065F)
Partition 1: (Not Active) - (Size=872.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:

LastRegBack: 2016-04-20 17:49

==================== Ende von FRST.txt ============================
[CODE]Monstera LtrJlLjEj5cAdwCleaner Logfile:
Code:
# AdwCleaner v5.113 - Bericht erstellt am 26/04/2016 um 11:44:04
# Aktualisiert am 24/04/2016 von Xplode
# Datenbank : 2016-04-24.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Desktop\adwcleaner_5.113.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5035 Bytes] - [22/04/2016 12:40:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2249 Bytes] - [22/04/2016 12:51:01]
C:\AdwCleaner\AdwCleaner[C3].txt - [2221 Bytes] - [23/04/2016 23:08:38]
C:\AdwCleaner\AdwCleaner[C4].txt - [1564 Bytes] - [24/04/2016 18:08:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [4750 Bytes] - [22/04/2016 12:35:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [2028 Bytes] - [22/04/2016 12:47:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1894 Bytes] - [23/04/2016 22:58:48]
C:\AdwCleaner\AdwCleaner[S4].txt - [1234 Bytes] - [24/04/2016 18:04:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [1224 Bytes] - [26/04/2016 11:44:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1297 Bytes] ##########
--- --- ---


Gruß Monstera

M-K-D-B 26.04.2016 15:36
Servus,


kannst du bitte bei AdwCleaner > Optionen > Chrome Einstellungen zurücksetzen anhaken, bevor du auf "Suchen" und dann auf "Löschen" klickst?

Bitte nachholfen.


FRST dann bitte nochmal.

Monstera 27.04.2016 08:24
Das habe ich schon richtig gemacht ADWcleaner hat eben nichts gefunden. Trotzdem hier die Files.

Code:
# AdwCleaner v5.113 - Bericht erstellt am 27/04/2016 um 08:46:18
# Aktualisiert am 24/04/2016 von Xplode
# Datenbank : 2016-04-24.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Desktop\adwcleaner_5.113.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt : C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
:: Chrome Einstellungen zurückgesetzt : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5035 Bytes] - [22/04/2016 12:40:11]
C:\AdwCleaner\AdwCleaner[C2].txt - [2249 Bytes] - [22/04/2016 12:51:01]
C:\AdwCleaner\AdwCleaner[C3].txt - [2221 Bytes] - [23/04/2016 23:08:38]
C:\AdwCleaner\AdwCleaner[C4].txt - [1564 Bytes] - [24/04/2016 18:08:31]
C:\AdwCleaner\AdwCleaner[C5].txt - [1275 Bytes] - [27/04/2016 08:46:18]
C:\AdwCleaner\AdwCleaner[S1].txt - [4750 Bytes] - [22/04/2016 12:35:42]
C:\AdwCleaner\AdwCleaner[S2].txt - [2028 Bytes] - [22/04/2016 12:47:30]
C:\AdwCleaner\AdwCleaner[S3].txt - [1894 Bytes] - [23/04/2016 22:58:48]
C:\AdwCleaner\AdwCleaner[S4].txt - [1234 Bytes] - [24/04/2016 18:04:47]
C:\AdwCleaner\AdwCleaner[S5].txt - [1376 Bytes] - [26/04/2016 11:44:04]
C:\AdwCleaner\AdwCleaner[S6].txt - [1449 Bytes] - [27/04/2016 08:42:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [1786 Bytes] ##########
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-04-2016
durchgeführt von PC (2016-04-27 08:53:51)
Gestartet von C:\Users\PC\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-02 19:27:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-261562712-3610274027-2406615811-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-261562712-3610274027-2406615811-503 - Limited - Disabled)
Gast (S-1-5-21-261562712-3610274027-2406615811-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-261562712-3610274027-2406615811-1003 - Limited - Enabled)
PC (S-1-5-21-261562712-3610274027-2406615811-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
AntiBrowserSpy (HKLM-x32\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 169 - Abelssoft)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 2016 (HKLM-x32\...\{4209F371-38F5-0B47-1C5B-A4A8456950A3}_is1) (Version: 12.00.40 - Ashampoo GmbH & Co. KG)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
COMPUTER BILD-App-Starter  (HKLM-x32\...\COMPUTER BILD-App-Starter) (Version:  - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
DC Toolkit Pro 2 Architekt (HKLM-x32\...\DC Toolkit Pro 2 Architekt_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Ingenieur (HKLM-x32\...\DC Toolkit Pro 2 Ingenieur_is1) (Version: 2.0.0 - Franzis Verlag)
DC Toolkit Pro 2 Tischler (HKLM-x32\...\DC Toolkit Pro 2 Tischler_is1) (Version: 2.0.0 - Franzis Verlag)
DesignCAD 3D Max 23 (HKLM-x32\...\{01835371-C7CE-4307-A9F9-2DC37DA5293D}) (Version: 23.0.0 - IMSIDesign)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.39.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.173.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kyodai Mahjongg 2006 v1.42 (HKLM-x32\...\Kyodai Mahjongg 2006_is1) (Version:  - Rene-Gilles Deberdt)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
Mahjongg - Ancient Mayas (HKLM-x32\...\{BDA4BA81-D380-4596-95D3-5D8FA612FDA1}_is1) (Version:  - cerasus.media GmbH)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
O&O DiskImage Professional (HKLM\...\{10C83530-840D-4AA3-994A-A9B9559B56C5}) (Version: 9.10.102 - O&O Software GmbH)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.8-r109999-release - Plays.tv, LLC)
Q-Dir (HKLM-x32\...\Q-Dir) (Version:  - )
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6652 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Serif DrawPlus X6 (HKLM\...\{8A8AB2D3-53DE-4A65-8D35-68A09AA1AD7A}) (Version: 13.0.3.26 - Serif (Europe) Ltd)
Serif PhotoPlus X7 (HKLM\...\{7B7344AA-B8E3-4A86-B499-517B7E2F6CB3}) (Version: 17.0.3.023 - Serif (Europe) Ltd)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Soda PDF 3D Reader (HKLM-x32\...\{025C48E1-4695-4F49-906E-EBABCD54EA51}) (Version: 5.0.30.11889 - LULU Software Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.19-0 - Bitnami)
XnView 2.34 (HKLM-x32\...\XnView_is1) (Version: 2.34 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-261562712-3610274027-2406615811-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\PC\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02CF7A3F-AAD8-4E61-B716-7DBF67C62160} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {083DC944-E27B-4EF0-BE3A-6A8B9CBFC6A6} - System32\Tasks\{DA10FA2B-437F-4571-A584-D0387598B2E1} => pcalua.exe -a E:\sp57434.exe -d E:\
Task: {09229287-FF30-48DB-9DE5-91E55E89E074} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {0AB690DA-867C-4EDB-AA55-892133CDB826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1325C51C-5CC3-4DF3-B7C9-5B57E5123167} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {1606EAEC-B83E-4107-9867-F338B4922033} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {1A2EBA06-C61F-4C4C-95E3-CA9BFE43FCBE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1BBA0ECC-16DF-4F48-ACE3-DBC900C1FF77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {1C9B5F6C-EF78-49FE-A751-3ADD6F983855} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {2489FFE5-74F6-4214-AA7B-3F91D7861FC6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {25F5691A-40A5-4C51-A023-5868C329C30B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {27DF7894-4511-41CB-A2B5-5782D30905AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2EAC86C0-E1D1-4E10-B0BF-B6B3CEBDCA28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {326554BD-203C-4386-B368-8D2C3C9B0C19} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3776E8F3-C578-4CFA-AA31-4ED66052B967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {3BA80EFA-741E-4339-B123-E5E776BB75DE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3CA58688-DC7F-40F8-A2CA-8C14FDDA1AB9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {429E8375-B79A-4594-BFE9-645B12E10D9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {4FB532F7-2023-406C-9928-0CE390D4F55D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {50876B6C-6ACA-4C96-AA98-CA8E6AE29AAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6047C20E-9A0E-4C77-A366-153386332B3F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {610E1FB8-3626-490B-BF08-4B5F06FB16DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {68B7518E-247D-4C6F-8B0F-5858D8752CBB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CEF1D55-4A8B-4FBA-A552-B579A87318E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {6E6CB22B-9331-4420-800D-2BBFC0CE0DBC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {719553D7-525B-4057-B2DB-3413BF402FFF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {7D4878E8-64E5-4602-8C07-E80A167323F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {87DC8B2C-7C3D-4FB3-B5B2-9B7D0BBD1DA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9131E4CD-A123-4A88-9D6F-41526BC40D8D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {93E24D23-CE2B-456E-B406-7271860E1614} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {9CD31E09-A1DB-4E96-8389-1F4D2214B707} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {9E41352D-BBCB-451F-BAAB-8E2C8D36A7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {A098E5AB-228A-4706-9DEF-9A4DA79C69D2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A28CA1CA-59F5-4C86-BBDB-4B37A77BD2D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {A63BC3DC-2DCD-49A1-96A3-52D760470BAD} - System32\Tasks\{1A69F63C-CDDF-4D93-B81E-E410515DEF76} => pcalua.exe -a E:\sp58586.exe -d E:\
Task: {AC471F45-FA8D-4B45-8D93-9CCCB309F1F3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {AE4C289D-67A5-45C9-8CA5-992352EA3637} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-04-05] (HP Inc.)
Task: {B48D4983-B0E5-4D4E-A235-BEB39593EF3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B9DC49B2-E0E9-499F-B205-75282CE82DFA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BC242B0C-D8EE-444F-985C-9D04D42918DB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {C05F19EE-BC80-40A9-9EF7-E06F2B1D967A} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C3E1F0B3-F893-47FB-8A59-1C5075643228} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {C5C6C097-7861-4D38-B078-00A867236A95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {CBE30283-25FE-45A5-8F6A-B216CD13B9D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {D8DFC9DA-E2ED-4148-A9B0-9D6BA9440554} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {DAD51C36-66AE-4E6F-ACAB-BBBFBDA1A872} - System32\Tasks\{9B919B26-39B8-4BE5-B803-87BF06F53AF9} => pcalua.exe -a "C:\Program Files (x86)\The Truth About Ada\uninst.exe"
Task: {DD98E0DC-9376-483C-B0C8-18C77B221676} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {E26E4069-8343-45CF-88A2-6EFA9B63B3DF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-26] (Dropbox, Inc.)
Task: {E6FEA7C8-0681-4A6B-A843-71A7DBA55CFB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {E9EC0A49-42C0-4AD7-AC8D-58A442344C81} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {EAE19955-D12A-498C-A8DB-4ECD1198B3CD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EFD56A51-2461-43A1-9367-1AD7EF20178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)
Task: {F1E47111-E947-45B1-B913-1D0BEA81AB80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {F20956C5-4E2C-4C27-9CF2-9E3CA9110198} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7C65971-6182-48B7-8113-5FDDE08CB97C} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-05] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-04-22 08:21 - 2014-08-06 03:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2016-04-20 18:03 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-20 18:05 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00326904 _____ () C:\Program Files\OO Software\DiskImage\oodiagrs.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00069880 _____ () C:\Program Files\OO Software\DiskImage\oodiagpsx64.dll
2015-12-18 17:58 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-20 17:49 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-20 18:04 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-20 18:03 - 2016-04-02 05:00 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-04-20 18:05 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-20 18:02 - 2016-04-02 04:58 - 00150016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-04-20 18:03 - 2016-04-02 04:58 - 00098304 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-04-20 18:03 - 2016-04-02 04:58 - 00529408 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 09:18 - 2015-10-30 20:44 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 09:18 - 2015-10-30 20:44 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 09:18 - 2015-10-30 20:44 - 00961024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 09:18 - 2015-10-30 20:44 - 00206336 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 09:18 - 2015-10-30 20:44 - 00558592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 09:18 - 2015-10-30 20:44 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-04-20 18:04 - 2016-04-02 04:58 - 01645056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.IntentExtraction.dll
2015-10-30 09:18 - 2015-10-30 20:44 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-04-20 18:11 - 2016-04-20 18:11 - 01506304 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2016-04-20 18:11 - 2016-04-20 18:11 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2015-12-18 17:59 - 2015-12-07 06:59 - 03081568 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-12-18 17:58 - 2015-12-07 06:57 - 02394976 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2015-08-28 02:01 - 2015-08-28 02:01 - 00553720 _____ () C:\Program Files\OO Software\DiskImage\ooditrrs.dll
2016-03-06 09:45 - 2016-01-08 14:31 - 00816640 _____ () C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-26 11:11 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-04-26 11:12 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-04-26 11:12 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-04-26 11:12 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-26 11:11 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-26 11:12 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-26 11:11 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-26 11:11 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-26 11:11 - 2016-04-08 20:19 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-04-26 11:11 - 2016-03-12 02:46 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-04-26 11:12 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-04-26 11:12 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-26 11:11 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-26 11:12 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-04-26 11:12 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-26 11:11 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-26 11:11 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-04-26 11:12 - 2016-04-08 20:20 - 00025928 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-26 11:12 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-04-26 11:12 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:8D09CB9B [338]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{07EFE3DE-0215-44F1-AE6F-5523FFC1F865}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [TCP Query User{816AD850-E45A-458C-80C9-2A97385C33B4}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe] => (Block) C:\program files (x86)\kyodai mahjongg 2006\kmj.exe
FirewallRules: [{621E8B2D-022D-46EA-B996-EAF7D48603C0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{184844D8-AA89-4531-91BD-293A9C52A133}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{37161028-A725-44BF-9C4E-0C75651C77A8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{73D83782-5CC4-4BE2-84FB-458D9DC6507E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{849DE0BB-B464-4764-BD9D-78F05127D667}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{891BF47F-5287-448F-B2F6-BACC43D63C68}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{C98CAAC0-1777-4D2D-9287-F90C1F1396B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B23AC914-A616-4BD9-AB3F-FF7DCED7AB83}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{17D3F124-A5FA-4D97-97A2-4127C32E65B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37CA90D8-31AC-4037-8833-E5DC7C4F7D6E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{1D0086A4-00D4-447A-A68C-09E3421CE248}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6B385AA1-3D7D-437D-8D44-3027E96A8565}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{5633C939-A601-40CB-96F0-ECC59F8F63B3}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{C9410077-61F7-415B-BDF8-CC4294E0B438}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{C22D28AA-8C68-40EA-AFA4-90D9391D5031}] => (Allow) LPort=80
FirewallRules: [{174F6F07-C798-4548-8D51-FF9C864BCAD6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{65BA0E3C-6C76-4473-8125-30BC7DCEEC47}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

30-03-2016 13:11:06 Removed inSSIDer 3
20-04-2016 19:21:20 Windows Update
20-04-2016 19:23:08 Windows Update
22-04-2016 11:16:03 Removed inSSIDer 3
24-04-2016 00:35:31 JRT Pre-Junkware Removal
24-04-2016 00:35:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/27/2016 08:55:58 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/27/2016 08:18:29 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/27/2016 01:32:57 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/27/2016 01:31:37 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/27/2016 12:29:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0x8ac
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/27/2016 12:29:44 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2220) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/26/2016 12:01:21 PM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 11:58:19 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 05:50:26 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.

Error: (04/26/2016 05:40:58 AM) (Source: HP Active Health) (EventID: 14) (User: )
Description: Exception while generating JSON: Die Eingabezeichenfolge hat das falsche Format.


Systemfehler:
=============
Error: (04/27/2016 08:48:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Soda PDF 3D Reader Service" wurde mit folgendem Fehler beendet:
%%2147500037

Error: (04/27/2016 08:47:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/27/2016 08:47:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2016 08:47:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/27/2016 08:46:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1b266" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2016 08:46:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1b266" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2016 08:46:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1b266" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2016 08:46:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1b266" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/27/2016 08:46:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/27/2016 08:46:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "OO DiskImage" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-04-26 19:29:25.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 19:29:21.670
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 19:29:21.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.709
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.656
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.542
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.441
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 11:44:18.287
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-26 09:17:26.737
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3682.27 MB
Verfügbarer physikalischer RAM: 2101.34 MB
Summe virtueller Speicher: 7394.27 MB
Verfügbarer virtueller Speicher: 5827.04 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.07 GB) (Free:378.77 GB) NTFS
Drive d: (Assimil) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive e: (windows 10-Daten) (Fixed) (Total:58.59 GB) (Free:58.45 GB) NTFS
Drive f: (Elements) (Fixed) (Total:872.89 GB) (Free:462.34 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FB83FB5)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CA8D065F)
Partition 1: (Not Active) - (Size=872.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Monstera 27.04.2016 08:31
Und hier der Rest

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
durchgeführt von PC (Administrator) auf PC-PC (27-04-2016 08:49:32)
Gestartet von C:\Users\PC\Desktop
Geladene Profile: PC (Verfügbare Profile: PC & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Everything\Everything.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vdsldr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(O&O Software GmbH) C:\Program Files\OO Software\DiskImage\ooditray.exe
() C:\Program Files\Everything\Everything.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Farbar) C:\Users\PC\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6769.40891.0_x64__8wekyb3d8bbwe\HxTsr.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2015-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [OODITRAY.EXE] => C:\Program Files\OO Software\DiskImage\ooditray.exe [6360824 2015-08-28] (O&O Software GmbH)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-03] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-03] (Raptr, Inc)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [F579D32520C4CBAF298862F1BEDBBDD0A557E2BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\Run: [AntiBrowserSpy - BrowserMask] => C:\Program Files (x86)\AntiBrowserSpy\BrowserMask.exe [816640 2016-01-08] ()
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {8d0e7b99-e9a4-11e5-b6ff-20689d1e57b6} - "G:\autorun.exe"
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\...\MountPoints2: {9e81865e-3b60-11e5-88d7-806e6f6e6963} - "D:\start.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll [2015-08-28] (O&O Software GmbH)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2015-11-24]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-04-24]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{1f20a2f8-5f46-48e6-b412-693bd924926d}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6dc7b702-0c45-4de1-a402-3cc3d6fa48c0}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{c4506c39-3486-446e-aa19-5eac0360af24}: [DhcpNameServer] 82.163.143.171
Tcpip\..\Interfaces\{fd1e8feb-c8f3-4d2a-ac61-a21c3b3c1abc}: [DhcpNameServer] 82.163.143.171

Internet Explorer:
==================
HKU\S-1-5-21-261562712-3610274027-2406615811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {C1EE5DD0-D6CE-4591-AC55-509365F26D03} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=chr-yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-261562712-3610274027-2406615811-1000 -> {E71A49A3-7DFF-4CFD-801F-79BA30EDA49B} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-25] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-05]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-04-22]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (Ad.Block Plus+) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopfmfbdadhahnjfgcbfcflmnlgpgggg [2016-01-05]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-21]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-03-06] (Adobe Systems) [Datei ist nicht signiert]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-26] (Dropbox, Inc.)
R2 Everything; C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] () [Datei ist nicht signiert]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [7766264 2015-08-28] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-03] (Plays.tv, LLC)
R2 Soda PDF 3D Reader Helper Service; C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe [1162592 2013-08-19] (LULU Software Limited)
S2 Soda PDF 3D Reader Service; C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe [852320 2013-08-19] (LULU Software Limited)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 MBAMScheduler; "C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Users\PC\Desktop\Malwarebytes Anti-Malware\mbamservice.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4318760 2015-08-28] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-24] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-08-28] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-08-28] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-08-28] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-08-28] (O&O Software GmbH)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30544 2016-02-17] (HP)
U3 DfSdkS; kein ImagePath
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-27 08:49 - 2016-04-27 08:52 - 00019254 _____ C:\Users\PC\Desktop\FRST.txt
2016-04-27 08:49 - 2016-04-27 08:49 - 00001868 _____ C:\Users\PC\Desktop\AdwCleaner[C5].txt
2016-04-26 19:28 - 2016-04-26 19:28 - 00053248 _____ C:\Users\PC\Downloads\MappeMoni (3).xls
2016-04-26 19:27 - 2016-04-26 19:45 - 00053248 _____ C:\Users\PC\Downloads\MappeMoni (2).xls
2016-04-26 11:42 - 2016-04-26 11:43 - 03580480 _____ C:\Users\PC\Desktop\adwcleaner_5.113.exe
2016-04-26 11:42 - 2016-04-26 11:42 - 03580480 _____ C:\Users\PC\Downloads\adwcleaner_5.113.exe
2016-04-26 11:16 - 2016-04-27 08:49 - 00000000 ___RD C:\Users\PC\Dropbox
2016-04-26 11:16 - 2016-04-26 11:16 - 00001299 _____ C:\Users\PC\Desktop\Dropbox.lnk
2016-04-26 11:12 - 2016-04-26 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-26 11:10 - 2016-04-26 11:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\Dropbox
2016-04-26 11:08 - 2016-04-27 08:48 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-26 11:08 - 2016-04-27 08:13 - 00001218 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-26 11:08 - 2016-04-26 11:16 - 00000000 ____D C:\Users\PC\AppData\Local\Dropbox
2016-04-26 11:08 - 2016-04-26 11:13 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-26 11:08 - 2016-04-26 11:08 - 00004278 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-04-26 11:08 - 2016-04-26 11:08 - 00004046 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-04-26 11:08 - 2016-04-26 11:08 - 00000000 ____D C:\ProgramData\Dropbox
2016-04-26 11:07 - 2016-04-26 11:08 - 00690072 _____ (Dropbox, Inc.) C:\Users\PC\Downloads\DropboxInstaller.exe
2016-04-26 09:14 - 2016-04-26 09:14 - 00370529 _____ C:\Users\PC\Downloads\1442951102_anlmscom.zip
2016-04-26 09:14 - 2016-04-26 09:14 - 00370529 _____ C:\Users\PC\Downloads\1442951102_anlmscom (1).zip
2016-04-26 05:43 - 2016-04-26 05:43 - 00930536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\VisualBasic6-KB896559-v1-DEU.exe
2016-04-25 17:46 - 2016-04-25 17:46 - 00119808 _____ C:\Users\PC\Downloads\mappemoni (1).xls
2016-04-25 17:06 - 2016-04-26 11:17 - 00125952 _____ C:\Users\PC\Downloads\mappemoni.xls
2016-04-24 02:13 - 2016-04-24 20:09 - 00000000 ____D C:\Users\PC\Desktop\Matthias1
2016-04-24 00:46 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Desktop\FRST64 (1).exe
2016-04-24 00:45 - 2016-04-24 00:46 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64 (1).exe
2016-04-24 00:34 - 2016-04-24 00:34 - 01610008 _____ (Malwarebytes) C:\Users\PC\Desktop\JRT.exe
2016-04-24 00:33 - 2016-04-24 00:33 - 01610008 _____ (Malwarebytes) C:\Users\PC\Downloads\JRT.exe
2016-04-23 23:21 - 2016-04-24 19:39 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 23:20 - 2016-04-24 00:14 - 00000873 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-23 23:20 - 2016-04-23 23:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 23:20 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-23 23:20 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-23 23:16 - 2016-04-23 23:17 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-23 23:14 - 2016-04-23 23:18 - 22851472 _____ (Malwarebytes ) C:\Users\PC\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-23 22:12 - 2016-04-24 00:14 - 00001469 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Snipping Tool Plus.lnk
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Roaming\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\Users\PC\AppData\Local\www.rene-zeidler.de
2016-04-23 22:10 - 2016-04-23 22:10 - 00000000 ____D C:\ProgramData\www.rene-zeidler.de
2016-04-23 22:08 - 2016-04-23 22:09 - 00000000 ____D C:\Users\PC\Downloads\SnippingToolPlusv3-4-1-0
2016-04-22 23:32 - 2016-04-22 23:36 - 00264124 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.32.14_log.txt
2016-04-22 23:27 - 2016-04-22 23:30 - 00264222 _____ C:\TDSSKiller.3.1.0.9_22.04.2016_23.27.57_log.txt
2016-04-22 23:26 - 2016-04-22 23:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\PC\Downloads\tdsskiller.exe
2016-04-22 23:19 - 2016-04-22 23:22 - 00041239 _____ C:\Users\PC\Downloads\Addition.txt
2016-04-22 23:16 - 2016-04-27 08:49 - 00000000 ____D C:\FRST
2016-04-22 23:16 - 2016-04-22 23:22 - 00060816 _____ C:\Users\PC\Downloads\FRST.txt
2016-04-22 23:15 - 2016-04-22 23:16 - 02375680 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2016-04-22 18:25 - 2016-04-23 21:51 - 00033280 _____ C:\Users\PC\Documents\Test-Moni.xls
2016-04-22 12:34 - 2016-04-27 08:46 - 00000000 ____D C:\AdwCleaner
2016-04-22 12:34 - 2016-04-22 12:34 - 03683904 _____ C:\Users\PC\Downloads\AdwCleaner_5.112.exe
2016-04-22 11:17 - 2016-04-22 11:18 - 00000000 ____D C:\Users\PC\Desktop\Spiele
2016-04-22 11:10 - 2016-04-22 11:11 - 00000000 ____D C:\Users\PC\Desktop\Konstruktionsapp
2016-04-22 08:21 - 2016-04-27 04:19 - 00000000 ____D C:\Users\PC\AppData\Roaming\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-04-22 08:21 - 2016-04-22 08:21 - 00000000 ____D C:\Program Files\Everything
2016-04-20 18:07 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-20 18:07 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-20 18:07 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-20 18:07 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-20 18:07 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-20 18:07 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-20 18:07 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-20 18:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-20 18:07 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-20 18:07 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-20 18:07 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-20 18:07 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-20 18:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-20 18:07 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-20 18:07 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-20 18:07 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-20 18:06 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-20 18:06 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-20 18:06 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-20 18:06 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-20 18:06 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-20 18:06 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-20 18:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-20 18:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-20 18:06 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-20 18:06 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-20 18:06 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-20 18:06 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-20 18:05 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-20 18:05 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-20 18:05 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-20 18:05 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-20 18:05 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-20 18:05 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-20 18:05 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-20 18:05 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-20 18:05 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-20 18:05 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-20 18:05 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-20 18:05 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-20 18:05 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-20 18:05 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-20 18:05 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-20 18:05 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-20 18:05 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-20 18:05 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-20 18:05 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-20 18:05 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-20 18:05 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-20 18:04 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-20 18:04 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-20 18:04 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-20 18:04 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-20 18:04 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-20 18:04 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-20 18:04 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-20 18:04 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-20 18:04 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-20 18:04 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-20 18:04 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-20 18:04 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-20 18:04 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-20 18:04 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-20 18:04 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-20 18:04 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-20 18:04 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-20 18:04 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-20 18:04 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-20 18:04 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-20 18:04 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-20 18:04 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-20 18:04 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-20 18:04 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-20 18:04 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-20 18:04 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-20 18:04 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-20 18:04 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-20 18:04 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-20 18:04 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-20 18:04 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-20 18:04 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-20 18:04 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-20 18:04 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-20 18:04 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-20 18:04 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-20 18:04 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-20 18:04 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-20 18:04 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-20 18:04 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-20 18:04 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-20 18:04 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-20 18:04 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-20 18:04 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-20 18:04 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-20 18:04 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-20 18:04 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-20 18:04 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-20 18:03 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-20 18:03 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-20 18:03 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-20 18:03 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-20 18:03 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-20 18:03 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-20 18:03 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-20 18:03 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-20 18:03 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-20 18:03 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-20 18:03 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-20 18:03 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-20 18:03 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-20 18:03 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-20 18:03 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-20 18:03 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-20 18:03 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-20 18:03 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-20 18:03 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-20 18:03 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-20 18:03 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-20 18:03 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-20 18:03 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-20 18:03 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-20 18:03 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-20 18:03 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-20 18:03 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-20 18:03 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-20 18:03 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-20 18:03 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-20 18:03 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-20 18:03 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-20 18:03 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-20 18:03 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-20 18:02 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-20 18:02 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-20 18:02 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-20 18:02 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-20 18:02 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-20 18:02 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-20 18:02 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-20 18:02 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-20 18:02 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-20 18:02 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-20 18:02 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-20 18:02 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-20 18:02 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-20 18:02 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-20 18:02 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-20 18:02 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-20 18:02 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-20 18:02 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-20 18:02 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-20 18:02 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-20 18:02 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-20 18:02 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-20 18:02 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-20 18:02 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-20 18:02 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-20 18:02 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-20 18:02 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-20 18:02 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-20 18:02 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-20 18:02 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-20 18:02 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-20 18:02 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-20 18:02 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-20 18:02 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-20 18:01 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-20 18:01 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-20 18:01 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-20 18:01 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-20 18:01 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-20 18:01 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-20 18:01 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-20 18:01 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-20 18:01 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-20 18:01 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-20 18:01 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-20 18:01 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-20 18:01 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-20 18:01 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-20 18:01 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-20 18:01 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-20 18:01 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-20 18:01 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-20 18:01 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-20 18:01 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-20 18:01 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-20 18:01 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-20 18:01 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-20 18:01 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-20 18:01 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-20 18:01 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-20 18:01 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-20 18:00 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-20 18:00 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-20 18:00 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-20 18:00 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-20 18:00 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-20 18:00 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-20 18:00 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-20 18:00 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-20 18:00 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-20 18:00 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-20 18:00 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-20 18:00 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-20 18:00 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-20 18:00 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-20 18:00 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-20 18:00 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-20 18:00 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-20 18:00 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-20 18:00 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-20 17:59 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-20 17:59 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-20 17:59 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-20 17:59 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-20 17:59 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-20 17:59 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-20 17:59 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-20 17:59 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-20 17:57 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-20 17:56 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-20 17:56 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-20 17:56 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-20 17:56 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-20 17:55 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-20 17:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-20 17:49 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-20 16:31 - 2016-04-20 16:31 - 00055041 ___RT C:\Users\PC\Documents\Projektplan_Berliner Stadtmission.xlsx
2016-03-30 13:13 - 2016-04-22 11:12 - 00000000 ___RD C:\Users\PC\Desktop\Musikabspielpro
2016-03-30 13:08 - 2016-04-23 01:31 - 00000000 ____D C:\Users\PC\Desktop\Wartung
2016-03-30 13:07 - 2016-03-30 13:09 - 00000000 ____D C:\Users\PC\Desktop\Bilderbearbeitung
2016-03-28 17:22 - 2016-03-28 17:22 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2016-03-28 17:21 - 2016-03-28 17:22 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (2).exe
2016-03-28 16:58 - 2016-03-28 17:21 - 54887136 _____ (Microsoft Corporation) C:\Users\PC\Downloads\Windows-KB890830-V5.34.exe
2016-03-28 16:58 - 2016-03-28 17:06 - 373578968 _____ (Microsoft Corporation) C:\Users\PC\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2016-03-28 16:58 - 2016-03-28 17:01 - 39074536 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters.exe
2016-03-28 16:41 - 2016-03-28 16:41 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-03-28 16:37 - 2016-03-28 16:38 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4 (1).exe
2016-03-28 16:37 - 2016-03-28 16:37 - 29011992 _____ (Microsoft Corporation) C:\Users\PC\Downloads\FileFormatConverters4.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-27 08:48 - 2015-12-02 17:07 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d13235539a1.job
2016-04-27 08:47 - 2015-12-02 21:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-27 08:46 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-27 08:20 - 2015-12-02 20:52 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 08:20 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-27 08:20 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-27 08:20 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-27 08:17 - 2015-12-02 17:07 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d13239242a7.job
2016-04-27 08:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-27 02:12 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-27 00:27 - 2015-11-16 16:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2016-04-27 00:27 - 2015-11-08 15:46 - 00000000 ____D C:\KeePass2.29
2016-04-26 18:22 - 2016-03-04 04:35 - 00004144 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B6C246B2-FD71-44F9-BCE6-EB4B4C5BE06A}
2016-04-26 13:17 - 2015-10-25 23:20 - 00003212 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPC
2016-04-26 13:17 - 2015-10-25 23:20 - 00000332 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPC.job
2016-04-26 11:16 - 2015-12-02 20:53 - 00000000 ____D C:\Users\PC
2016-04-24 13:01 - 2015-12-04 20:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\MediaMonkey
2016-04-24 00:17 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-24 00:15 - 2016-03-06 22:22 - 00001904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Q-Dir.lnk
2016-04-24 00:15 - 2016-03-06 13:39 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2016-04-24 00:15 - 2016-03-06 13:37 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2016-04-24 00:15 - 2016-03-06 13:36 - 00002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-24 00:15 - 2016-01-06 16:52 - 00002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif DrawPlus X6.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus Organizer.lnk
2016-04-24 00:15 - 2016-01-06 16:23 - 00002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PhotoPlus X7.lnk
2016-04-24 00:15 - 2015-12-17 16:38 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-24 00:15 - 2015-12-02 21:03 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002715 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Excel.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002683 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Word.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Office-Dokument öffnen.lnk
2016-04-24 00:15 - 2015-11-24 14:49 - 00002631 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Neues Office-Dokument.lnk
2016-04-24 00:15 - 2015-08-05 13:05 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-24 00:14 - 2015-12-17 10:02 - 00001047 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-24 00:14 - 2015-12-02 21:35 - 00002409 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-24 00:14 - 2015-11-16 16:32 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-24 00:14 - 2015-08-05 13:06 - 00001361 _____ C:\Users\Public\Desktop\CyberLink YouCam.lnk
2016-04-22 11:20 - 2015-12-02 21:35 - 00000000 ___RD C:\Users\PC\OneDrive
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-22 09:16 - 2015-12-08 13:52 - 00000000 ____D C:\Users\PC\AppData\Roaming\XnView
2016-04-21 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-21 12:29 - 2015-12-02 20:39 - 00463504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-20 19:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-20 19:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-20 19:30 - 2015-08-12 21:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-20 19:24 - 2015-08-12 21:00 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-20 18:43 - 2015-11-16 16:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-20 18:43 - 2015-11-16 16:31 - 00000000 ____D C:\ProgramData\Skype
2016-04-20 18:35 - 2015-12-02 21:27 - 00000000 ____D C:\Users\PC\AppData\Local\Packages
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-30 13:16 - 2016-03-05 06:36 - 00000000 ____D C:\Program Files (x86)\Lux3
2016-03-30 09:42 - 2016-03-08 23:00 - 00000000 ____D C:\ProgramData\eJay
2016-03-30 09:35 - 2016-03-08 16:04 - 00000000 ____D C:\Program Files (x86)\MAGIX
2016-03-30 09:35 - 2016-03-08 16:03 - 00000000 ____D C:\ProgramData\MAGIX
2016-03-28 17:02 - 2015-11-24 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-05 13:56 - 2016-01-05 13:56 - 0000037 ___SH () C:\Users\PC\AppData\Local\70149b02515b3bb20dd492.47983420
2015-12-04 23:05 - 2015-12-04 23:05 - 0004608 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\PC\AppData\Local\Temp\libeay32.dll
C:\Users\PC\AppData\Local\Temp\msvcr120.dll
C:\Users\PC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-27 08:38

==================== Ende von FRST.txt ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:51 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131