Log analysis and evaluation: Win 10 system.exe causes high memory usage + adware problem
13.08.2015, 14:54 | #1

Hello,

since I upgraded to Win 10 a few days ago, I have noticed that system.exe in Task Manager shows a constant memory usage of 50-60%. The computer is generally very slow and keeps stalling so badly that hardly anything works. Now and then it cannot be shut down, but that does not happen on every attempt. In addition, I have apparently picked up annoying adware that opens an additional tab with advertising whenever I open new tabs in Chrome. Scans with Avira and Malwarebytes returned no results.

The steps with defogger and FRST were no problem, but I was unable to complete a full scan with GMER. I followed all the given steps exactly. On the first scan I got a bluescreen; after that I unchecked the "Devices" checkbox, but got a bluescreen again. Running it in safe mode also led to a bluescreen. In addition, when starting GMER I got the error message

C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Unfortunately I had to attach FRST.txt because it was too large. If that was wrong, I'm sorry; in that case please give me other instructions.

Addition.txt
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-08-2015
durchgeführt von Kris (2015-08-13 13:54:50)
Gestartet von C:\Users\Kris\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2324392281-2098655948-2250387561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2324392281-2098655948-2250387561-503 - Limited - Disabled)
Gast (S-1-5-21-2324392281-2098655948-2250387561-501 - Limited - Disabled) => C:\Users\Gast
Kris (S-1-5-21-2324392281-2098655948-2250387561-1002 - Administrator - Enabled) => C:\Users\Kris
UpdatusUser (S-1-5-21-2324392281-2098655948-2250387561-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adguard (HKLM-x32\...\{4188c793-ec87-4895-a722-e6fe841ca851}) (Version: 5.10.2010.6262 - Insoft LLC) Adguard (x32 Version: 5.10.2051.6368 - Performix LLC) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated) Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) 
Hidden AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0022 - ASUS) aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp) aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brütal Legend (HKLM-x32\...\Steam App 225260) (Version: - ) Canon MX350 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05160 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05160 - Cisco Systems, Inc.) Hidden Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) 
Citrix Online Launcher (HKLM-x32\...\{6740FE60-43C1-4D15-8C4A-001624134B14}) (Version: 1.0.312 - Citrix) CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Uploadinator) (Version: 3.0.0-dev - CloudApp) CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Uploadinator) (Version: 3.0.0-dev - CloudApp) CloudApp for Windows (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Uploadinator) (Version: 3.0.0-dev - CloudApp) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2914 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Ekahau HeatMapper (HKLM\...\Heatmapper-1.1.4.39795) (Version: 1.1.4.39795 - Ekahau Inc.) 
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Fable III (HKLM-x32\...\Steam App 105400) (Version: - ) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Free to Play (HKLM-x32\...\Steam App 245550) (Version: - Valve) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden GoToMeeting 7.2.4.3164 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.2.4.3164 - CitrixOnline) GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline) GoToMeeting 7.2.4.3215 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\GoToMeeting) (Version: 7.2.4.3215 - CitrixOnline) Hippsoft hsWebCam 1.09.0000 (HKLM-x32\...\Hippsoft hsWebCam_is1) (Version: 1.09.0000 - Hippsoft) iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.) ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ) Inquisit 4 Web Player (HKLM\...\{E8620E4B-8567-4E07-8CDB-8432054BD5B2}) (Version: 4.0.8.0 - Millisecond Software) inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) 
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - ) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.140 - MAGIX Software GmbH) MAGIX Video deluxe 2015 Premium (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) 
- 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd) Photobucket Desktop (HKLM-x32\...\{D0916F1D-236D-4B9A-BCEA-F535444DCA41}) (Version: 1.0.3.1552 - Photobucket) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment) Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version: - PopCap) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) 
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Link 1.8.0.1403131552 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1403131552 - Copyright 2013 SAMSUNG) Scanned Text Editor 1 (HKLM-x32\...\Scanned Text Editor 1) (Version: - ) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skillstraining für Borderline-Patienten, 2. Auflage (HKLM-x32\...\com.mmm.app.schattauer.skillstraining2) (Version: 2.0.17 - Schattauer GmbH) Skillstraining für Borderline-Patienten, 2. Auflage (x32 Version: 2.0.17 - Schattauer GmbH) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Spotify (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.11.134.ga37df67b - Spotify AB) Spotydl 0.8.5 (HKLM-x32\...\Spotydl_is1) (Version: 0.8.5 - spotydl.com) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) 
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - ) Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP) Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP) Telegram Desktop version 0.8.48 (HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.8.48 - Telegram Messenger LLP) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - ) The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - ) Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - 
Microsoft Corporation) Windows-Treiberpaket - ASUS (ATP) Mouse (06/17/2015 1.0.0.262) (HKLM\...\14588A15B66655338DBCC021FFA81E31DC281859) (Version: 06/17/2015 1.0.0.262 - ASUS) Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 5.11 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 08-08-2015 12:18:30 Windows Update 08-08-2015 12:19:05 Windows Update 11-08-2015 14:55:19 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {031E4AB1-2202-4FAD-A5CE-88DCFD6FDE18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation) Task: {0A4DE283-A99E-41A5-B6EF-AEB919898071} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {0E19CB89-16F9-4A09-AA59-AF0DD52B8223} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {104796B1-AA38-4828-A53F-F124CF3EA43C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.) 
Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {1D4CB878-79AC-41F5-9ADC-97ADFD7FBE30} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {1D647E6B-35A0-45DF-AFC0-A802D7EFDD50} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {2512C62A-D7BC-464C-A742-101BE9CCBB02} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.) Task: {25E13BFD-1972-4FC1-8330-D28CA3DBBAC1} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {2669C6B7-8F72-4023-AA16-74D4F82B6E3A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation) Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {2E7C2783-C630-4450-92B0-5D148FAB3F6D} - \The weDownload Manager-codedownloader -> Keine Datei <==== ACHTUNG Task: {335AC3E0-51C3-408A-BD1D-6BF68F3AE245} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.) 
Task: {3B5663D5-6339-4CBB-993F-812FDA19C5FC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {3E80D279-51A5-4492-A52E-97400C42A5EE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation) Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {43A92C06-5743-42FE-82D8-78F84BF269AA} - System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} => pcalua.exe -a C:\Users\Kris\Desktop\Downloads\scannedtxttrial.exe -d C:\Users\Kris\Desktop\Downloads Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {474C979C-BD7C-44D6-BDD4-FB921C923250} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.) 
Task: {51DD2E45-7CED-43FF-AD4D-1014E02F1DAB} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {5836D188-3464-44C3-899A-652A1AF32914} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek) Task: {5D6FA184-23BA-40D8-8F70-8F1E9B0B251F} - System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} => Chrome.exe hxxp://ui.skype.com/ui/0/6.6.73.106.456/de/abandoninstall?page=tsProgressBar Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {65A9439B-C3B9-41DF-8CD3-00E534099737} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {66A08F4A-DFA8-4E7B-95ED-A104DFF17ADB} - \The weDownload Manager-enabler -> Keine Datei <==== ACHTUNG Task: {68ECC007-5FD7-4103-9B31-3B2B9687674E} - System32\Tasks\Amazon Music Helper => C:\Users\Kris\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe Task: {697D23FF-67B3-4813-9529-6A93F5889B03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-26] (Google Inc.) 
Task: {6CF900C3-5515-44F6-A238-CB7167274D8E} - System32\Tasks\simplitec Service Provider => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation) Task: {7F930D11-DD77-4A64-8EA7-09BBAB9E8B72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation) Task: {87669080-A729-46E0-AB6F-0A607F58611F} - System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsWLM Task: {8A7D77A7-F103-4707-9AD4-CA90F85F1BB4} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-07-28] (AsusTek) Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-07] (Microsoft Corporation) Task: {8F767A30-3ED2-4C8B-ABEE-431F052B5EC3} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe Task: {953EF5EF-CBAD-44EA-B725-EA022DEC73EE} - \The weDownload Manager-firefoxinstaller -> Keine Datei <==== ACHTUNG Task: {9B4FB267-A58C-48F9-8CA6-3E95F6670A94} - \The weDownload Manager-chromeinstaller -> Keine Datei <==== ACHTUNG Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A725B55C-71A1-4AF4-B04F-603E0905DBFF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.) 
Task: {AA30BCC5-0991-41B7-9BCF-1184E58B5952} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {B5FFEBFC-4368-4CE8-8F44-72131E1ED87D} - System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupdate.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {B73EB68E-D0AF-4FD7-9FC7-D4F80A769356} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {BE9AB3C9-9786-4891-802A-B118CB1D708D} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {BFE1EFD0-042E-44CD-B930-6F585689AFFB} - \The weDownload Manager-updater -> Keine Datei <==== ACHTUNG Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C385AEB4-2DA1-4ABA-824A-4E56A5A5F46A} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe Task: {C52CFDDE-F5EE-45FD-BA0F-3A62B0DA4470} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => 
C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {D0B65B83-FDF8-4E32-8562-5999857EFA34} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {D5CD22C4-ACB4-4480-B9F6-57F4B6B759E2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DE55E63E-2764-443C-AB91-4D7ABBD53464} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {DF3F8739-9A7B-4207-876F-3B7E9FFBFBE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.) Task: {E054E324-49DD-4C98-9725-29C93074148A} - System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 => C:\Users\Kris\AppData\Local\Citrix\GoToMeeting\3215\g2mupload.exe [2015-08-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {E526415F-E5FC-4817-8093-017C035B2AF8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-08-07] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job => C:\Users\Kris\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job => Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe Task: C:\WINDOWS\Tasks\simplitec Service Provider.job => C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ () 
C:\WINDOWS\System32\CoreUIComponents.dll 2015-08-08 12:18 - 2015-08-02 03:37 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-08-08 12:18 - 2015-08-02 03:34 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-08 12:18 - 2015-08-02 03:35 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-08-08 12:29 - 2015-08-08 12:29 - 07824896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-08-08 12:29 - 2015-08-08 12:29 - 02062336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2014-03-12 22:53 - 2014-03-12 22:53 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2015-07-03 20:00 - 2015-07-03 20:00 - 01406672 _____ () C:\Program Files (x86)\Adguard\AdguardNetApi.DLL 2015-06-03 16:07 - 2015-06-03 16:07 - 00128720 _____ () C:\Program Files (x86)\Adguard\AdguardNetLib.DLL 2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\ContentDirectoryPresenter.dll 2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare 
Framework DMS\1.3.23\VideoExtractor.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll 2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ 
() C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll 2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2015-07-13 20:45 - 2015-07-13 20:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-11 21:06 - 2015-08-11 21:06 - 00071168 _____ () c:\users\kris\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmobeht.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00012800 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00779776 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-08-03 12:46 - 2015-08-05 22:49 - 00056320 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 23:45 - 2015-08-05 22:49 - 00012288 _____ () C:\Users\Kris\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2011-03-09 14:21 - 2011-03-09 14:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 14:21 - 2011-03-09 14:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-08-06 13:41 - 2015-07-31 08:19 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll 2015-08-06 13:41 - 2015-07-31 08:19 - 00081224 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll 2012-10-13 11:38 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-02-05 22:57 - 2013-02-05 22:57 - 00282112 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll 2015-03-14 18:16 - 2015-08-07 15:35 - 45066808 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libcef.dll 2015-03-14 18:16 - 2015-08-07 15:35 - 01649208 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libglesv2.dll 2015-03-14 18:16 - 2015-08-07 15:35 - 00080952 _____ () C:\Users\Kris\AppData\Roaming\Spotify\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Kris\Cookies:gs5sys AlternateDataStreams: C:\Users\Kris\OneDrive:ms-properties AlternateDataStreams: C:\Users\Kris\Desktop\desktop.ini:gs5sys AlternateDataStreams: C:\Users\Kris\AppData\Local\Verlauf:gs5sys AlternateDataStreams: C:\Users\Kris\Documents\desktop.ini:gs5sys ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\sony.com -> sony.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\10sek.com -> www.10sek.com IE restricted site: 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\123simsen.com -> www.123simsen.com Da befinden sich 7777 mehr eingeschränkte Seiten. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Kris\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\v5oltkqa.jpg HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg 
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "Samsung Link" HKLM\...\StartupApproved\Run32: => "CStart8" HKLM\...\StartupApproved\Run32: => "ApnTBMon" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "ICQ" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Power2GoExpress" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\StartupApproved\Run: => "Amazon Cloud Player" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ICQ" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Power2GoExpress" 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Amazon Cloud Player" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "ICQ" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "SkyDrive" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Pando Media Booster" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Power2GoExpress" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Amazon Cloud Player" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{B963D4E8-0596-49D1-A17A-ACE5734B9858}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [UDP Query User{4E7DD128-BD29-4140-8575-F4C37FCA0B96}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{843576DE-923C-49A9-9C64-51CF9A45D14F}C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kris\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{6858DCA9-F18B-4022-ADD5-88AB08456E60}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1AA0B9B5-2B86-440C-B709-4B84BF7A062D}] => (Allow) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{619E8464-2A1B-4D50-B676-AE96A3A7BDC9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{84923353-FA41-40E1-85A2-14627F0561E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{85ADBE5A-98B8-4C05-A38F-0162D646A2F6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0B495A10-A142-4643-B4B9-9482AA19202E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{542FBC9B-8A81-45F5-9F2E-BEBCB7B6FAB1}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe FirewallRules: [{B5F4FD65-3272-4F2D-90A0-0810E1E55D76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{48FB5237-8178-453C-B6B9-8C6C1290C3E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{6871A71D-86AA-401D-89C9-9D9BED287A8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{6D2B4719-30D1-4C15-B073-59263C2B7953}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe FirewallRules: [{FB31179E-19B7-4987-B044-5DAB937DF954}] => (Allow) C:\Program Files 
(x86)\Steam\Steam.exe FirewallRules: [{BB5AADD4-996F-4B75-A1BC-8307C1AAE95D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1CAD0C6E-4DCE-477A-BA20-B02D31577B5F}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2015 Premium\Videodeluxe.exe FirewallRules: [{6F17D50A-38E9-4079-A231-D29777D0AE29}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{0A95BAA1-91E5-4D14-8FCA-08A618D2AA21}] => (Allow) LPort=1900 FirewallRules: [{BC2AB512-A737-452F-9877-253EFDB51726}] => (Allow) LPort=2869 FirewallRules: [{74D988F6-1ED1-4C33-B4CF-134AC5882BD4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{B6CD84DF-C4CC-4A88-900E-4FAF3499915C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{5FFBD1C5-8DFD-456C-B898-D7155D08EA87}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{22CDEB52-072B-4737-ADAE-373C1DB83F9C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{4CEF2C69-2BBE-4E2D-889D-501DD7BDBAD7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{D4EF1230-78BD-4676-8F27-AED533C5E147}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{FEF113D8-F5DE-434C-80BE-A188A1ED59E2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{9A8E6A3B-47B8-4B2E-ACAA-82C04C44A922}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{EFB540E7-5534-4738-AD62-6E76C691F19F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [UDP Query User{50EF2ABC-F030-48CB-8F31-5AFFF8A05D21}C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe FirewallRules: [TCP Query User{59420389-29C1-4656-8B43-90A7CC7D414D}C:\users\kris\desktop\my 
mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\kris\desktop\my mobile\mymobiler\mymobiler.exe FirewallRules: [{4F055D11-68A8-412B-B530-C366E3FAB015}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{FE5A6458-0FB7-4275-B9D7-60D567A1F391}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{0BD90C11-BF3D-44EC-A4A2-E918DB5A2BFB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{FFE4DD29-B178-4C15-96BE-A63A900F2E69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{3D9C31FF-290A-4AAC-9577-436FCE4522F3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{FB767992-495F-433D-9BEE-000EEB8A2AEE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{721A160E-E27E-40CE-8313-1653BBF27600}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{14A7C010-7E3C-410D-9FCE-4F52B012E927}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{FC41E34E-F42E-4CE1-B3EA-9B0F3BB12575}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{165BA8A6-E9A1-456E-BAC7-3D90AE1221AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{0F66E732-F6B9-4E6D-AD0A-ED5A18CFD265}] => (Allow) C:\Users\Kris\Desktop\Steam.exe FirewallRules: [{3D2ED212-BFFB-470C-A088-3B30FCBF4D82}] => (Allow) C:\Users\Kris\Desktop\Steam.exe FirewallRules: [{1BD39CED-79E1-4EC7-A850-F08D152FBA36}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: [{D98B604D-3142-4FF6-B06E-A627B133F2A0}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: [{E0DFE5FA-3D0B-4927-B0EC-D13D1759C56D}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: 
[{8BD34831-1DAF-4247-BDE1-A1D9382771B7}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: [{1EE74EFD-C683-4D18-AE66-CE3ACB5BA4E5}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: [{F9086F40-8CB7-46DC-A4E8-708871CD64A4}] => (Allow) C:\Program Files (x86)\ICQ7M\ICQ.exe FirewallRules: [{C22271DE-228F-424E-A830-1693AE84ABD8}] => (Allow) C:\Users\Kris\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{CC8CE6E5-CC87-41A6-9486-F5C4A3644911}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{E059CE8F-ACBB-461D-9459-219D3698BF21}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{27DBFE4D-2861-41DA-A67D-D2F1FFAF6E6D}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{74F15513-63CD-493C-AF6B-9B85F20275E4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{9F7D7D97-1C28-437E-BAF1-4B6C0FA6B0EE}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [{9D6BA3FA-8390-4230-B639-0DC4E36E54D8}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe FirewallRules: [TCP Query User{2EEEB531-80FC-4709-9080-B93426F22E1F}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{72F6B3F3-563D-4291-AC38-51258375973D}C:\users\kris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kris\appdata\roaming\spotify\spotify.exe FirewallRules: [{27CACAA6-2EB6-42A6-AA74-4AC069C70A08}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{C9D05B5F-3F5D-483E-B4A3-F4D441453F5E}] => (Allow) C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe FirewallRules: [{676D4C05-A020-4A67-BE87-A8BC8593B412}] => (Allow) C:\Program Files 
(x86)\Skype\Phone\Skype.exe FirewallRules: [{0317FB8D-1A6D-4968-B06A-F19012A58BF3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{7506BC7C-CF6C-4FCD-8FD3-B817CB2267A2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{845F72AF-62B1-4EFF-BB87-44FA277E8A84}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe FirewallRules: [{8A0C58DF-0547-40A4-835F-171AA37E4E26}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe FirewallRules: [{A9BFFA9A-B660-4CDC-8F64-6342C6345D25}] => (Allow) LPort=8743 FirewallRules: [{3409EF46-2AF6-47BC-892B-54F4436AAA0F}] => (Allow) LPort=8643 FirewallRules: [{118505E1-A12A-4882-9643-0B424B7A07DD}] => (Allow) LPort=7676 FirewallRules: [{2727D636-2AFD-46F4-9EFC-FADBA3B3A305}] => (Allow) LPort=7679 FirewallRules: [{22EF1AAA-2526-4122-87A6-A5A3024BDE33}] => (Allow) LPort=24234 FirewallRules: [{A93F4ADE-E8A2-4D75-BE4C-148D45440E00}] => (Allow) LPort=7900 FirewallRules: [{1E7EA12A-D424-49AB-A150-083835984C42}] => (Allow) LPort=1900 FirewallRules: [{7E1FA767-8BF1-4B44-BFC2-8C2E18E74F09}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{C8D8FD9F-74C7-475C-9CC3-4A664D175EC6}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{169052D1-C4E8-46FD-AA94-6E46B907786E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{7B0B2083-1D08-4FC3-9175-1DD14830A7DF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{C88C9C53-41EF-4565-9145-7D7F22AD7520}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe FirewallRules: [{938F67F6-220B-4C8F-BB85-F8D23390394B}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.15\AllShareFrameworkDMS.exe FirewallRules: [{D3810960-10D3-46B6-A4AE-F91DA39AE033}] => (Allow) C:\Program 
Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{B71FE656-06B6-4D87-B8B7-2375D234AD2B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{D1E2F964-7612-445A-BA4C-F7D45246D0A0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{99B93DA0-9ACC-4B51-92CA-FCF7865A8219}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{5026BBEB-B474-4494-8CED-1A59C61BE372}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe FirewallRules: [{66C3F60F-5D46-420B-9CB7-46B59A9527E6}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe FirewallRules: [{8C45E5D4-21C1-465A-AD66-884CA137B78B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{29EB4D36-0172-4367-AD72-AEB9CF454450}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{B8B5F145-4279-4843-A0FE-A52E848EF6F2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{5B1B44FB-53E8-453C-BD99-26FD88DA4A8D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{20481332-1393-41F1-B5CD-AC79EF294872}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe FirewallRules: [{F211526D-D90B-4EC9-ACCC-AC5252970E1E}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe FirewallRules: [{E7B83BD5-8527-470C-AE2B-E43BDBA84097}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{8987667C-BA27-47D2-BBCF-E7E0A5BBC79C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{A219F493-C0F8-45BA-ACDA-FB68C06294EC}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{8331FE32-8F6A-4439-9264-46B53445B7C5}] => (Allow) C:\Program 
Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{0B81803D-8FCF-4664-8841-87E948561EC5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe FirewallRules: [{E93AC718-F501-44DC-98AB-27C1911C18AF}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe FirewallRules: [{9380331E-FCC2-49B3-AECA-C9AAA829D082}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{3EDAF441-01AC-4524-B741-5B64470FD09D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{C99126D8-4683-48C0-B469-665369767333}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{1475E550-DD21-4272-8D35-01421407E95A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{470E08A3-9031-4593-843C-1181C39B423C}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe FirewallRules: [{50EB759D-3CC8-4FB2-980D-E769C147C835}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe FirewallRules: [{B460C516-6A48-4C64-85B2-C49F62C7B825}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (08/13/2015 03:31:41 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (08/13/2015 03:31:31 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. 
Error: (08/13/2015 03:31:21 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (08/13/2015 03:31:10 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5748) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032. Error: (08/13/2015 03:31:00 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5748) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien. 
Systemfehler: ============= Error: (08/13/2015 01:29:38 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803} Error: (08/12/2015 05:13:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: ASUS driver update for Asus Support Device Error: (08/12/2015 04:17:55 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803} Error: (08/12/2015 11:12:06 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803} Error: (08/11/2015 10:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Samsung Link Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/11/2015 09:55:29 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII) Description: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca Error: (08/11/2015 09:25:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (08/11/2015 09:23:25 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (08/11/2015 09:21:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (08/11/2015 09:19:24 PM) (Source: DCOM) (EventID: 10010) (User: MUEEMUII) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-08 11:12:57.202 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet 
the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:57.139 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:57.068 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:57.007 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:56.919 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:56.856 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-08-08 11:12:56.794 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:56.731 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:56.669 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-08 11:12:56.606 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Prozentuale Nutzung des RAM: 62% Installierter physikalischer RAM: 8069.53 MB Verfügbarer physikalischer RAM: 3037.45 MB Summe virtueller Speicher: 12026.51 MB Verfügbarer virtueller Speicher: 1954.04 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:444.41 GB) (Free:242.34 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] Drive d: (Skillstraining_2) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B2973CD1) Partition: GPT. ==================== Ende von Ergebnis ============================ Edited by Itkuraita (13.08.2015 at 14:59) |
13.08.2015, 15:02 | #2 |
/// the machine /// TB-Ausbilder | Win 10 system.exe causes high memory usage + adware problem Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
|
13.08.2015, 15:16 | #3 |
| Win 10 system.exe causes high memory usage + adware problem FRST.txt Part 1
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-08-2015 durchgeführt von Kris (Administrator) auf MUEEMUII (13-08-2015 13:52:41) Gestartet von C:\Users\Kris\Desktop Geladene Profile: UpdatusUser & Kris & (Verfügbare Profile: UpdatusUser & Kris & Gast) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Performix LLC) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Apple Inc.) 
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Performix LLC) C:\Program Files (x86)\Adguard\Adguard.exe (Dropbox, Inc.) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Yahoo Inc.) 
C:\Program Files (x86)\Yahoo!\yset\{B8C70ACD-7042-6049-B8D8-12AFF758073A}\YSearchUtilSVC.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.8.3.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Telegram Messenger LLP) C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial)\Telegram.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) 
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.) 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-31] (Google Inc.) 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [2015768 2015-07-05] (Performix LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-13] ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09] ShortcutTarget: Dropbox.lnk -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den 
Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com 
HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} 
URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-31] (RealPlayer) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{e85dc7f5-fdb6-417a-a0e3-22ed0cc4fa99}: [DhcpNameServer] 
192.168.0.1 192.168.0.2 FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22] CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26] CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13] CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22] CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14] CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26] CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14] CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07] CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19] CHR Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14] CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19] CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22] CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22] CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31] CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) 
- C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22] CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28] CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26] CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [119832 2015-07-05] (Performix LLC) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel 
Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-07-30] (Microsoft Corporation) S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation) S3 UnistoreSvc; 
C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{B8C70ACD-7042-6049-B8D8-12AFF758073A}\YSearchUtilSvc.exe [151832 2015-08-07] (Yahoo Inc.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] () R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.) 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation) R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.) R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-13] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox) R3 rt640x64; 
C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation) S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation) NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei |
13.08.2015, 15:17 | #4 |
| Win 10 system.exe causes high memory usage + adware problem FRST.txt part 2 Code:
ATTFilter ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com url=www.hippsoft.com update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm update=www.hippsoft.com/software/hskomp.htm type=Freeware) C:\WINDOWS\SysWOW64\hswinutil.dll type=Freeware) C:\WINDOWS\SysWOW64\hsWindowProc.ocx type=Freeware) C:\WINDOWS\SysWOW64\hstimerclass.dll type=Freeware) C:\WINDOWS\SysWOW64\hsTimer.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsSysTray.ocx type=Freeware) C:\WINDOWS\SysWOW64\hssubclass.dll type=Freeware) C:\WINDOWS\SysWOW64\hsSplitterbar.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsServerData.exe type=Freeware) C:\WINDOWS\SysWOW64\hsSeparator.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsMenu.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsMedia.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsLabel.ocx 
type=Freeware) C:\WINDOWS\SysWOW64\hsGradient.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsfutil.dll type=Freeware) C:\WINDOWS\SysWOW64\hsdlgutil.dll type=Freeware) C:\WINDOWS\SysWOW64\hsCrypto.dll type=Freeware) C:\WINDOWS\SysWOW64\hsCom.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsColor.ocx type=Freeware) C:\WINDOWS\SysWOW64\hsButton.ocx mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com mail=hippsoftservice@hippsoft.com 2015-08-13 13:52 - 2015-08-13 13:53 - 00050195 _____ C:\Users\Kris\Desktop\FRST.txt 2015-08-13 13:52 - 2015-08-13 13:52 - 02173952 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe 2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log 2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable 2015-08-13 13:46 - 2015-08-13 13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe 2015-08-13 13:27 - 2015-08-13 13:27 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin 2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-08-11 21:20 - 2015-08-11 21:20 - 00000000 ____D C:\Users\Kris\AppData\Local\YSearchUtil 2015-08-11 21:20 - 2015-08-11 21:20 - 00000000 ____D C:\Program Files (x86)\Yahoo! 
2015-08-11 21:07 - 2015-08-11 21:09 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2015-08-11 14:57 - 2015-08-11 14:57 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2015-08-11 14:56 - 2015-08-11 14:56 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll 2015-08-11 04:31 - 2015-08-11 04:31 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-10 17:48 - 2015-08-10 17:48 - 00000000 ____D C:\Users\Kris\AppData\Local\MicrosoftEdge 2015-08-10 17:41 - 2015-08-12 23:48 - 00002397 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-08-10 17:39 - 2015-08-11 21:07 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-10 17:38 - 2015-08-11 21:07 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-10 17:35 - 2015-08-10 17:35 - 00001918 _____ C:\Users\Public\Desktop\Adguard.lnk 2015-08-10 17:01 - 2015-08-10 17:01 - 00000000 ____D C:\Users\Kris\AppData\Local\NetworkTiles 2015-08-09 16:37 - 2015-08-09 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-08-08 12:18 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-08-08 12:18 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-08-08 12:18 - 2015-07-30 08:22 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-08 12:18 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-08 12:18 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-08-08 12:18 - 
2015-07-30 08:16 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-08-08 12:18 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-08-08 12:18 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-08-08 12:18 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-08-08 12:18 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-08 12:18 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-08-08 12:18 - 2015-07-30 08:03 - 01983328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-08-08 12:18 - 2015-07-30 07:30 - 22319520 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-08 12:18 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-08-08 12:18 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-08 12:18 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-08-08 12:18 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-08-08 12:18 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-08 12:18 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-08-08 12:18 - 
2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2015-08-08 12:18 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-08-08 12:18 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-08 12:18 - 2015-07-30 06:17 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-08 12:18 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-08-08 12:18 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-08-08 12:18 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-08 12:18 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2015-08-08 12:18 - 2015-07-30 06:07 - 20854776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-08 12:18 - 2015-07-30 06:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll 2015-08-08 12:18 - 2015-07-30 05:56 - 16707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-08 12:18 - 2015-07-30 05:54 - 24591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-08 12:18 - 2015-07-30 05:54 - 02415616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-08 12:18 - 2015-07-30 05:53 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-08-08 12:18 - 2015-07-30 05:53 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-08-08 12:18 - 2015-07-30 05:53 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2015-08-08 12:18 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\modernexecserver.dll 2015-08-08 12:18 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-08-08 12:18 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2015-08-08 12:18 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-08-08 12:18 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-08-08 12:18 - 2015-07-30 05:42 - 00596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-08-08 12:18 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-08-08 12:18 - 2015-07-30 05:41 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-08 12:18 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-08-08 12:18 - 2015-07-30 05:40 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-08 12:18 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-08-08 12:18 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\UserDataService.dll 2015-08-08 12:18 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-08-08 12:18 - 2015-07-30 05:32 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-08 12:18 - 2015-07-30 05:32 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-08-08 12:18 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-08-08 12:18 - 2015-07-30 05:23 - 13024256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-08 12:18 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-08-08 12:18 - 2015-07-30 05:14 - 19333632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-08 12:18 - 2015-07-30 05:13 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-08-08 12:18 - 2015-07-30 05:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2015-08-08 12:18 - 2015-07-30 05:12 - 01914880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-08 12:18 - 2015-07-30 05:11 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-08 12:18 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-08 12:18 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-08 12:18 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-08-08 12:18 - 2015-07-30 05:04 - 00495616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-08-08 12:18 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-08-08 12:18 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\wpnapps.dll 2015-08-08 12:18 - 2015-07-30 04:58 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-08-08 12:18 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-08-08 12:17 - 2015-07-30 08:17 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-08-08 12:17 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-08-08 12:17 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-08 12:17 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2015-08-08 12:17 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-08-08 12:17 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-08-08 12:17 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-08-08 12:17 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-08 12:17 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-08-08 12:17 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2015-08-08 12:17 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-08-08 12:17 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-08-08 12:17 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-08 12:17 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll 2015-08-08 12:17 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\NotificationControllerPS.dll 2015-08-08 12:17 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2015-08-08 12:17 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-08 12:17 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll 2015-08-08 11:58 - 2015-08-08 11:58 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-08-08 11:40 - 2015-08-08 11:45 - 00000000 ____D C:\ProgramData\AsusMissionManagerIni 2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Users\Kris\AppData\Local\Publishers 2015-08-08 10:21 - 2015-08-08 10:21 - 00000000 ____D C:\Users\Kris\AppData\Local\Comms 2015-08-08 10:17 - 2015-08-08 10:17 - 00000000 ____D C:\Users\Kris\AppData\Local\TileDataLayer 2015-08-08 10:16 - 2015-08-08 10:16 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-08-08 10:15 - 2015-08-08 10:15 - 00000020 ___SH C:\Users\Kris\ntuser.ini 2015-08-08 04:15 - 2015-08-11 14:57 - 00055916 _____ C:\WINDOWS\DPINST.LOG 2015-08-08 04:09 - 2015-08-10 17:14 - 00000000 ____D C:\ProgramData\SetupTPDriver 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 
_SHDL C:\Users\Default\Eigene Dateien 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-08-07 21:57 - 2015-08-07 21:06 - 00000000 __SHD C:\Recovery 2015-08-07 21:56 - 2015-08-08 03:30 - 00000000 ___DC C:\WINDOWS\Panther 2015-08-07 21:54 - 2015-08-07 21:54 - 00000000 ____D C:\Windows.old 2015-08-07 21:53 - 2015-08-07 21:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 12502016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 11260928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-07 21:53 
- 2015-08-07 21:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02150696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 
2015-08-07 21:53 - 2015-08-07 21:53 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-08-07 21:53 - 2015-08-07 21:53 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-08-07 21:53 - 2015-08-07 21:53 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00798208 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00643616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00606392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-08-07 21:53 - 
2015-08-07 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00275456 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 07569408 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mos.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 
2015-08-07 21:52 - 2015-08-07 21:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01601024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 
2015-08-07 21:52 - 2015-08-07 21:52 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01161728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-08-07 21:52 - 2015-08-07 21:52 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00539216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-07 21:52 - 2015-08-07 21:52 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-08-07 21:08 - 2015-08-13 13:47 - 00000000 ____D C:\Users\Kris
2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten
2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast
2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV
2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus
2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek
2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-08-07 20:58 - 2015-08-08 11:55 - 00011412 _____ C:\WINDOWS\PFRO.log
2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log
2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF
2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4252.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys
2015-07-20 22:20 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hippsoft
2015-07-20 22:20 - 2015-07-20 22:20 - 00000000 ____D C:\Program Files (x86)\Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00908792 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00261624 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00146936 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00101880 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:21 - 00052728 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00785912 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00531960 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00290296 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00257528 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00237048 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00171512 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00155128 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00142840 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00122360 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00101880 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00089592 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00073208 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00073208 _____ (Hippsoft
2015-07-20 22:20 - 2011-02-10 18:20 - 00048632 _____ (Hippsoft
2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb
2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll
2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL
2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL
2015-07-20 22:20 - 2006-11-21 22:00 - 00051868 _____ C:\WINDOWS\SysWOW64\hsdlgutil.csh
2015-07-20 22:20 - 2003-07-06 13:07 - 00372736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IJL15.dll
2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip
2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe
2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod
2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-17 20:40 - 2015-07-17 20:54 - 00011112 ____H C:\Users\Kris\Desktop\~WRL0006.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-13 13:53 - 2014-05-18 19:08 - 00000000 ____D C:\FRST 2015-08-13 13:52 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-13 13:43 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify 2015-08-13 13:43 - 2012-10-27 11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify 2015-08-13 13:42 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-13 13:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-13 13:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-13 13:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-13 13:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job 2015-08-13 13:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-13 11:20 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593} 2015-08-13 09:19 - 2015-03-22 18:19 - 00000000 ____D C:\ProgramData\Adguard 2015-08-13 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job 2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 23:28 - 2015-05-09 01:57 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 22:41 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-12 18:38 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 
2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 17:29 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-12 17:29 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-12 17:15 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle 2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java 2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-11 21:07 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox 2015-08-11 21:07 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox 2015-08-11 21:04 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive 2015-08-11 21:04 - 2015-03-22 18:19 - 00000000 ____D C:\Program Files (x86)\Adguard 2015-08-11 21:04 - 2012-10-27 04:48 - 00000416 _____ C:\Users\Kris\AppData\Roaming\sp_data.sys 2015-08-11 21:02 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job 2015-08-11 21:01 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-11 21:00 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 
2015-08-11 04:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-10 17:35 - 2015-03-22 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adguard 2015-08-10 17:17 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype 2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial) 2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-08-08 12:03 - 2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-08 11:55 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages 2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX 2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT 2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default 2015-08-08 02:57 - 2015-07-10 14:20 - 00019892 _____ C:\WINDOWS\setupact.log 
2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml 2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml 2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration 2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:42 - 2014-09-12 16:27 - 00002854 _____ C:\WINDOWS\System32\Tasks\simplitec Power Suite 2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} 2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} 2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} 2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA 2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core 2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider 2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper 2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64) 2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ 
C:\WINDOWS\System32\Tasks\ASUS Live Update 2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew 2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM 2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix 2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player 2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau 2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek 2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software 2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software 2015-08-07 21:22 - 
2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de 2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0 2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape 2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series 2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-07 
21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M 2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log 2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME 2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive 2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D 
C:\WINDOWS\MediaViewer 2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl 2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD 2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache 2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages 2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-08-07 21:04 - 2015-07-10 
13:04 - 00000000 ____D C:\WINDOWS\Help 2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log 2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien 2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive 2015-08-07 13:31 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini 2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-07-17 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-16 19:41 - 2014-03-25 18:15 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-16 19:41 - 2013-05-11 21:32 - 00000000 ____D C:\ProgramData\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\Common Files\atimpenc.dll 2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan 2012-10-26 21:54 - 2012-10-26 21:54 - 0000021 _____ () C:\Users\Kris\AppData\Roaming\my_intel.sys 2012-10-27 04:48 - 2015-08-11 21:04 - 0000416 _____ () C:\Users\Kris\AppData\Roaming\sp_data.sys 2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG 2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420 2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml 2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat 2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\fontcacheev1.dat Einige Dateien in TEMP: ==================== C:\Users\Kris\AppData\Local\Temp\avgnt.exe C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmobeht.dll C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Kris\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-07 20:58 ==================== Ende von Ergebnis ============================ |
14.08.2015, 08:45 | #5 |
/// the machine /// TB Trainer | hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
14.08.2015, 12:11 | #6 |
| Both scans found nothing. mbar log Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version: main: v2015.08.14.02
rootkit: v2015.08.06.01
Windows 8 x64 NTFS
Internet Explorer 11.0.10240.16384
Kris :: MUEEMUII [administrator]
14.08.2015 12:04:08
mbar-log-2015-08-14 (12-04-08).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 521185
Time elapsed: 49 minute(s), 37 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 0 (No malicious items detected)
Physical Sectors Detected: 0 (No malicious items detected)
Code:
9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 13:03:07.0143 0x3280 avipbb - ok 13:03:07.0216 0x3280 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 13:03:07.0226 0x3280 Avira.ServiceHost - ok 13:03:07.0259 0x3280 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 13:03:07.0266 0x3280 avkmgr - ok 13:03:07.0314 0x3280 [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 13:03:07.0321 0x3280 avnetflt - ok 13:03:07.0362 0x3280 [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 13:03:07.0395 0x3280 AxInstSV - ok 13:03:07.0443 0x3280 [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 13:03:07.0466 0x3280 b06bdrv - ok 13:03:07.0487 0x3280 [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 13:03:07.0570 0x3280 BasicDisplay - ok 13:03:07.0587 0x3280 [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 13:03:07.0605 0x3280 BasicRender - ok 13:03:07.0647 0x3280 [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 13:03:07.0654 0x3280 bcmfn2 - ok 13:03:07.0713 0x3280 [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC 
C:\WINDOWS\System32\bdesvc.dll 13:03:07.0802 0x3280 BDESVC - ok 13:03:07.0848 0x3280 [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 13:03:07.0914 0x3280 Beep - ok 13:03:07.0970 0x3280 [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE C:\WINDOWS\System32\bfe.dll 13:03:08.0060 0x3280 BFE - ok 13:03:08.0114 0x3280 [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS C:\WINDOWS\System32\qmgr.dll 13:03:08.0264 0x3280 BITS - ok 13:03:08.0304 0x3280 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 13:03:08.0318 0x3280 Bonjour Service - ok 13:03:08.0333 0x3280 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 13:03:08.0406 0x3280 bowser - ok 13:03:08.0470 0x3280 [ EB4F4B88DF20C7B134F33A64EFD56BED, 7C32485FDDEEA23760DF24FC9576FBA11330C5BBA9053869FDAA9AD8A16B1610 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 13:03:08.0535 0x3280 BrokerInfrastructure - ok 13:03:08.0571 0x3280 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll 13:03:08.0649 0x3280 Browser - ok 13:03:08.0676 0x3280 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 13:03:08.0739 0x3280 BthAvrcpTg - ok 13:03:08.0769 0x3280 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 13:03:08.0904 0x3280 BthHFEnum - ok 13:03:08.0933 0x3280 [ B95040CAD3434D9EE003065363A0FAFF, 
D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 13:03:08.0963 0x3280 bthhfhid - ok 13:03:09.0032 0x3280 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 13:03:09.0054 0x3280 BthHFSrv - ok 13:03:09.0081 0x3280 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 13:03:09.0114 0x3280 BTHMODEM - ok 13:03:09.0153 0x3280 [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll 13:03:09.0229 0x3280 bthserv - ok 13:03:09.0244 0x3280 [ F34AD5A9F944D91BD285D1C29EEECB2B, 2EDA8C481B7F7F49AC8399485AE7C2D182568EE2E62394DC78C9A821ADAEA5EC ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 13:03:09.0312 0x3280 buttonconverter - ok 13:03:09.0326 0x3280 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 13:03:09.0351 0x3280 CapImg - ok 13:03:09.0390 0x3280 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 13:03:09.0416 0x3280 cdfs - ok 13:03:09.0466 0x3280 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 13:03:09.0545 0x3280 CDPSvc - ok 13:03:09.0571 0x3280 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 13:03:09.0596 0x3280 cdrom - ok 13:03:09.0650 0x3280 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 13:03:09.0676 0x3280 CertPropSvc - ok 
13:03:09.0717 0x3280 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys 13:03:09.0729 0x3280 circlass - ok 13:03:09.0770 0x3280 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 13:03:09.0789 0x3280 CLFS - ok 13:03:09.0853 0x3280 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 13:03:09.0879 0x3280 ClipSVC - ok 13:03:09.0901 0x3280 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 13:03:09.0963 0x3280 CmBatt - ok 13:03:10.0014 0x3280 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys 13:03:10.0039 0x3280 CNG - ok 13:03:10.0057 0x3280 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 13:03:10.0068 0x3280 cnghwassist - ok 13:03:10.0144 0x3280 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys 13:03:10.0171 0x3280 CompositeBus - ok 13:03:10.0175 0x3280 COMSysApp - ok 13:03:10.0216 0x3280 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 13:03:10.0266 0x3280 condrv - ok 13:03:10.0327 0x3280 [ 5C2C63BC5CE4A753C16CED512F91A04D, 4ACFA702B4CD7E30525D9595533E6B8EACBFF7F38EE7A05E8AC087BB229AD9D4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 13:03:10.0357 0x3280 CoreMessagingRegistrar - ok 13:03:10.0476 0x3280 [ 
0781DE74790BDBB9A7B9EF6CAA62B4E0, E25D6B8E35B01CD57CDE473EEB243E228B8BF314B7324A306720C12DE28EB4FA ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 13:03:10.0580 0x3280 cphs - ok 13:03:10.0615 0x3280 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 13:03:10.0680 0x3280 CryptSvc - ok 13:03:10.0729 0x3280 [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys 13:03:10.0740 0x3280 dam - ok 13:03:10.0791 0x3280 [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\WINDOWS\system32\DRIVERS\dc3d.sys 13:03:10.0802 0x3280 dc3d - ok 13:03:10.0895 0x3280 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 13:03:11.0022 0x3280 DcomLaunch - ok 13:03:11.0075 0x3280 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 13:03:11.0106 0x3280 DcpSvc - ok 13:03:11.0171 0x3280 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll 13:03:11.0211 0x3280 defragsvc - ok 13:03:11.0261 0x3280 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll 13:03:11.0299 0x3280 DeviceAssociationService - ok 13:03:11.0338 0x3280 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 13:03:11.0357 0x3280 DeviceInstall - ok 13:03:11.0405 0x3280 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 13:03:11.0473 
0x3280 DevQueryBroker - ok 13:03:11.0507 0x3280 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 13:03:11.0533 0x3280 Dfsc - ok 13:03:11.0588 0x3280 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 13:03:11.0611 0x3280 dg_ssudbus - ok 13:03:11.0669 0x3280 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 13:03:11.0755 0x3280 Dhcp - ok 13:03:11.0833 0x3280 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 13:03:11.0862 0x3280 diagnosticshub.standardcollector.service - ok 13:03:11.0933 0x3280 [ F96AADEF864DA2E52C45DE1498B18753, 19FF8EA929D21E4C223E5F9383DCE83E15E6815D5356A343DD6D9EACF29F1560 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 13:03:11.0983 0x3280 DiagTrack - ok 13:03:11.0997 0x3280 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys 13:03:12.0009 0x3280 disk - ok 13:03:12.0059 0x3280 [ 8E481EDF066552D551613EC9FE7D179F, 96E955CA82B4CDEC00ED08003FDC8DD61E685F421912EDBF7B0DA740048416F9 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 13:03:12.0117 0x3280 DmEnrollmentSvc - ok 13:03:12.0154 0x3280 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 13:03:12.0217 0x3280 dmvsc - ok 13:03:12.0245 0x3280 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 13:03:12.0264 0x3280 dmwappushservice - ok 
13:03:12.0313 0x3280 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 13:03:12.0339 0x3280 Dnscache - ok 13:03:12.0399 0x3280 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 13:03:12.0425 0x3280 dot3svc - ok 13:03:12.0445 0x3280 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll 13:03:12.0524 0x3280 DPS - ok 13:03:12.0561 0x3280 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 13:03:12.0571 0x3280 drmkaud - ok 13:03:12.0618 0x3280 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 13:03:12.0700 0x3280 DsmSvc - ok 13:03:12.0765 0x3280 [ F2328181D289CE83E9979733EAB6742A, 73B1CDA6ED8C42B36126909F1335B72126A5DDC6FC7CE8BA2CA274A2B92E82FD ] DsSvc C:\WINDOWS\System32\DsSvc.dll 13:03:12.0786 0x3280 DsSvc - ok 13:03:12.0868 0x3280 [ 310334DAF2C455744703E2D582942DF3, C25C42B4C5BA3456DCB2C24546D7E38A9F5321992B81138A8BDCE021C4BE6D13 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 13:03:12.0925 0x3280 DXGKrnl - ok 13:03:12.0983 0x3280 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll 13:03:13.0014 0x3280 Eaphost - ok 13:03:13.0129 0x3280 [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 13:03:13.0252 0x3280 ebdrv - ok 13:03:13.0298 0x3280 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe 13:03:13.0310 0x3280 EFS - ok 13:03:13.0360 
0x3280 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 13:03:13.0371 0x3280 EhStorClass - ok 13:03:13.0398 0x3280 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 13:03:13.0411 0x3280 EhStorTcgDrv - ok 13:03:13.0447 0x3280 [ 44CE3346DBB530FB4A529854CC68DBFC, D9422E07E3FB8A9895C120F720D6EB7D6484C813E6FF75DDC17B8CB95672F3A9 ] EkaProt6 C:\WINDOWS\system32\DRIVERS\ekaprot6.sys 13:03:13.0455 0x3280 EkaProt6 - ok 13:03:13.0499 0x3280 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 13:03:13.0531 0x3280 embeddedmode - ok 13:03:13.0556 0x3280 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 13:03:13.0628 0x3280 EntAppSvc - ok 13:03:13.0658 0x3280 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 13:03:13.0682 0x3280 ErrDev - ok 13:03:13.0730 0x3280 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll 13:03:13.0783 0x3280 EventSystem - ok 13:03:13.0803 0x3280 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 13:03:13.0878 0x3280 exfat - ok 13:03:13.0932 0x3280 [ 435FC0D25ADFD1A2FBA8C98BD4D79E23, F89D02518923D5AAB4A63686F26EE6118584AA9641D2C0B5B1AE4A728D5C06A4 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 13:03:13.0948 0x3280 fastfat - ok 13:03:13.0994 0x3280 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] 
Fax C:\WINDOWS\system32\fxssvc.exe 13:03:14.0083 0x3280 Fax - ok 13:03:14.0111 0x3280 [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys 13:03:14.0139 0x3280 fcvsc - ok 13:03:14.0155 0x3280 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 13:03:14.0176 0x3280 fdc - ok 13:03:14.0221 0x3280 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 13:03:14.0250 0x3280 fdPHost - ok 13:03:14.0261 0x3280 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 13:03:14.0282 0x3280 FDResPub - ok 13:03:14.0296 0x3280 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll 13:03:14.0326 0x3280 fhsvc - ok 13:03:14.0369 0x3280 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 13:03:14.0389 0x3280 FileCrypt - ok 13:03:14.0407 0x3280 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 13:03:14.0420 0x3280 FileInfo - ok 13:03:14.0467 0x3280 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 13:03:14.0499 0x3280 Filetrace - ok 13:03:14.0510 0x3280 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 13:03:14.0525 0x3280 flpydisk - ok 13:03:14.0536 0x3280 [ 44B6A6832134DF651E887E941478CA35, 
FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 13:03:14.0554 0x3280 FltMgr - ok 13:03:14.0643 0x3280 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll 13:03:14.0766 0x3280 FontCache - ok 13:03:14.0925 0x3280 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:03:14.0935 0x3280 FontCache3.0.0.0 - ok 13:03:14.0973 0x3280 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 13:03:14.0984 0x3280 FsDepends - ok 13:03:14.0998 0x3280 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 13:03:15.0010 0x3280 Fs_Rec - ok 13:03:15.0057 0x3280 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 13:03:15.0094 0x3280 fvevol - ok 13:03:15.0114 0x3280 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 13:03:15.0126 0x3280 gagp30kx - ok 13:03:15.0173 0x3280 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 13:03:15.0179 0x3280 GEARAspiWDM - ok 13:03:15.0217 0x3280 [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 13:03:15.0248 0x3280 gencounter - ok 13:03:15.0291 0x3280 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] 
genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 13:03:15.0358 0x3280 genericusbfn - ok 13:03:15.0370 0x3280 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 13:03:15.0385 0x3280 GPIOClx0101 - ok 13:03:15.0457 0x3280 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 13:03:15.0514 0x3280 gpsvc - ok 13:03:15.0527 0x3280 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 13:03:15.0555 0x3280 GpuEnergyDrv - ok 13:03:15.0645 0x3280 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:03:15.0653 0x3280 gupdate - ok 13:03:15.0657 0x3280 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:03:15.0664 0x3280 gupdatem - ok 13:03:15.0677 0x3280 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 13:03:15.0695 0x3280 HDAudBus - ok 13:03:15.0706 0x3280 [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 13:03:15.0725 0x3280 HidBatt - ok 13:03:15.0751 0x3280 [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 13:03:15.0789 0x3280 HidBth - ok 13:03:15.0821 0x3280 [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 13:03:15.0846 0x3280 hidi2c - ok 
13:03:15.0859 0x3280 [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 13:03:15.0870 0x3280 hidinterrupt - ok 13:03:15.0905 0x3280 [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 13:03:15.0941 0x3280 HidIr - ok 13:03:16.0012 0x3280 [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv C:\WINDOWS\system32\hidserv.dll 13:03:16.0025 0x3280 hidserv - ok 13:03:16.0069 0x3280 [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys 13:03:16.0101 0x3280 HIDSwitch - ok 13:03:16.0140 0x3280 [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 13:03:16.0210 0x3280 HidUsb - ok 13:03:16.0273 0x3280 [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 13:03:16.0351 0x3280 HomeGroupListener - ok 13:03:16.0401 0x3280 [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 13:03:16.0450 0x3280 HomeGroupProvider - ok 13:03:16.0471 0x3280 [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 13:03:16.0482 0x3280 HpSAMD - ok 13:03:16.0519 0x3280 [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 13:03:16.0553 0x3280 HTTP - ok 13:03:16.0567 0x3280 [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] 
hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 13:03:16.0577 0x3280 hwpolicy - ok 13:03:16.0670 0x3280 [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 13:03:16.0708 0x3280 hyperkbd - ok 13:03:16.0732 0x3280 [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 13:03:16.0755 0x3280 HyperVideo - ok 13:03:16.0768 0x3280 [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 13:03:16.0840 0x3280 i8042prt - ok 13:03:16.0863 0x3280 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 13:03:16.0871 0x3280 iaLPSSi_GPIO - ok 13:03:16.0948 0x3280 [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 13:03:16.0958 0x3280 iaLPSSi_I2C - ok 13:03:17.0008 0x3280 [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 13:03:17.0026 0x3280 iaStorA - ok 13:03:17.0056 0x3280 [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 13:03:17.0082 0x3280 iaStorAV - ok 13:03:17.0118 0x3280 [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 13:03:17.0139 0x3280 iaStorV - ok 13:03:17.0161 0x3280 [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 13:03:17.0181 0x3280 ibbus - ok 13:03:17.0223 0x3280 
[ 2268D73AECBE7E5953E2C6169238CCB4, CB07A720047DB2187E6E17BD26408D9F375715D2174CCE4BFB40465831088072 ] icssvc C:\WINDOWS\System32\tetheringservice.dll 13:03:17.0314 0x3280 icssvc - ok 13:03:17.0318 0x3280 IEEtwCollectorService - ok 13:03:17.0459 0x3280 [ 3F8B046C0839FDB879FE179C07A1A6A4, 95B4567B1DD185FE0895C3CDE96DD3BE236A50B3098835EE48224C6817A2AD81 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 13:03:17.0616 0x3280 igfx - ok 13:03:17.0672 0x3280 [ 1DBE918F1EDE43C8D49B6D9A7DEA25F3, 62D0CA581F53EBA39F11864DFA15B533EB8A0A987962BEE70D6372C51ACD40FD ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 13:03:17.0686 0x3280 igfxCUIService1.0.0.0 - ok 13:03:17.0754 0x3280 [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 13:03:17.0827 0x3280 IKEEXT - ok 13:03:17.0852 0x3280 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 13:03:17.0870 0x3280 intaud_WaveExtensible - ok 13:03:18.0014 0x3280 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 13:03:18.0162 0x3280 IntcAzAudAddService - ok 13:03:18.0212 0x3280 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 13:03:18.0307 0x3280 IntcDAud - ok 13:03:18.0421 0x3280 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 13:03:18.0439 0x3280 Intel(R) Capability Licensing Service Interface - ok 13:03:18.0520 0x3280 [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files 
14.08.2015, 12:12 | #7 |
| Win 10 system.exe causes high memory usage + adware problem Part 2 Code:
C:\WINDOWS\System32\drivers\serial.sys 13:03:33.0603 0x3280 Serial - ok 13:03:33.0646 0x3280 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 13:03:33.0690 0x3280 sermouse - ok 13:03:33.0756 0x3280 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 13:03:33.0797 0x3280 SessionEnv - ok 13:03:33.0814 0x3280 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 13:03:33.0843 0x3280 sfloppy - ok 13:03:33.0892 0x3280 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 13:03:33.0929 0x3280 SharedAccess - ok 13:03:33.0980 0x3280 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 13:03:34.0024 0x3280 ShellHWDetection - ok 13:03:34.0043 0x3280 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 13:03:34.0054 0x3280 SiSRaid2 - ok 13:03:34.0084 0x3280 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 13:03:34.0096 0x3280 SiSRaid4 - ok 13:03:34.0186 0x3280 [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:03:34.0203 0x3280 SkypeUpdate - ok 13:03:34.0263 0x3280 [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\WINDOWS\System32\smphost.dll 13:03:34.0289 0x3280 smphost - ok 13:03:34.0346 0x3280 [ 
DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 13:03:34.0409 0x3280 SmsRouter - ok 13:03:34.0444 0x3280 [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 13:03:34.0465 0x3280 SNMPTRAP - ok 13:03:34.0509 0x3280 [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 13:03:34.0530 0x3280 spaceport - ok 13:03:34.0551 0x3280 [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 13:03:34.0562 0x3280 SpbCx - ok 13:03:34.0619 0x3280 [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler C:\WINDOWS\System32\spoolsv.exe 13:03:34.0680 0x3280 Spooler - ok 13:03:34.0902 0x3280 [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc C:\WINDOWS\system32\sppsvc.exe 13:03:35.0147 0x3280 sppsvc - ok 13:03:35.0200 0x3280 [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 13:03:35.0247 0x3280 srv - ok 13:03:35.0263 0x3280 [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 13:03:35.0294 0x3280 srv2 - ok 13:03:35.0313 0x3280 [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 13:03:35.0345 0x3280 srvnet - ok 13:03:35.0392 0x3280 [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 13:03:35.0429 0x3280 SSDPSRV - ok 13:03:35.0478 
0x3280 [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 13:03:35.0506 0x3280 SstpSvc - ok 13:03:35.0524 0x3280 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 13:03:35.0550 0x3280 ssudmdm - ok 13:03:35.0669 0x3280 [ C26E2C89EFB4BB39CD135B5DED804B78, 99288C6023DC6AC6554521EA671AB387ACE2AE2BCDE145C7012202842FF40841 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 13:03:35.0815 0x3280 StateRepository - ok 13:03:35.0887 0x3280 [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 13:03:36.0179 0x3280 Steam Client Service - ok 13:03:36.0197 0x3280 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 13:03:36.0207 0x3280 stexstor - ok 13:03:36.0267 0x3280 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\WINDOWS\System32\wiaservc.dll 13:03:36.0311 0x3280 stisvc - ok 13:03:36.0353 0x3280 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 13:03:36.0366 0x3280 storahci - ok 13:03:36.0382 0x3280 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 13:03:36.0392 0x3280 storflt - ok 13:03:36.0429 0x3280 [ 7042792AC7045D1EE8CC9FE743FD5194, F0CF2E542A51C887B476FAAFFA35504A85C3D127CCBD03C13C24984AEDCF506D ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 13:03:36.0440 0x3280 stornvme - ok 13:03:36.0455 0x3280 [ 63513EF3121689B3A59BD217618A2E42, 
DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 13:03:36.0543 0x3280 storqosflt - ok 13:03:36.0619 0x3280 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\WINDOWS\system32\storsvc.dll 13:03:36.0715 0x3280 StorSvc - ok 13:03:36.0759 0x3280 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 13:03:36.0770 0x3280 storufs - ok 13:03:36.0782 0x3280 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 13:03:36.0792 0x3280 storvsc - ok 13:03:36.0831 0x3280 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\WINDOWS\system32\svsvc.dll 13:03:36.0918 0x3280 svsvc - ok 13:03:37.0011 0x3280 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys 13:03:37.0021 0x3280 swenum - ok 13:03:37.0046 0x3280 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\WINDOWS\System32\swprv.dll 13:03:37.0083 0x3280 swprv - ok 13:03:37.0120 0x3280 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 13:03:37.0153 0x3280 Synth3dVsc - ok 13:03:37.0218 0x3280 [ 4EF908A86E6866783D66E2DF97666269, 4FF31CC0AEB36FF55D442E8C12DE3F311CF959D3094013609A177BEE31BA5CF9 ] SysMain C:\WINDOWS\system32\sysmain.dll 13:03:37.0315 0x3280 SysMain - ok 13:03:37.0374 0x3280 [ 8863F06F520C1C76254B7DB45057BADA, EE8DA20185FBE37F64E8FE2A6FB477D602159AD6B63FFDD807981E6D28629888 ] SystemEventsBroker 
C:\WINDOWS\System32\SystemEventsBrokerServer.dll 13:03:37.0420 0x3280 SystemEventsBroker - ok 13:03:37.0456 0x3280 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 13:03:37.0572 0x3280 TabletInputService - ok 13:03:37.0609 0x3280 [ B39168AC9C2A035FE2467BCF951D98FA, 509909092A9E3DB80D1AA8647BE11F3C155022ABE12A4DEE15E8A139864F17DE ] taphss6 C:\WINDOWS\system32\DRIVERS\taphss6.sys 13:03:37.0616 0x3280 taphss6 - ok 13:03:37.0666 0x3280 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 13:03:37.0699 0x3280 TapiSrv - ok 13:03:37.0793 0x3280 [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 13:03:37.0860 0x3280 Tcpip - ok 13:03:37.0910 0x3280 [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 13:03:37.0969 0x3280 Tcpip6 - ok 13:03:37.0994 0x3280 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 13:03:38.0018 0x3280 tcpipreg - ok 13:03:38.0060 0x3280 [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 13:03:38.0072 0x3280 tdx - ok 13:03:38.0110 0x3280 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 13:03:38.0121 0x3280 terminpt - ok 13:03:38.0213 0x3280 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\WINDOWS\System32\termsrv.dll 13:03:38.0266 0x3280 TermService - ok 13:03:38.0307 0x3280 [ 261830B1E3650E4471E1F98850B929B7, 
D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\WINDOWS\system32\themeservice.dll 13:03:38.0338 0x3280 Themes - ok 13:03:38.0385 0x3280 [ 79431E9EEAE85C3E579D28265D2E3F21, 4C4A5CCCA8754D15737EC6E838E9F8A2B0D044F1FEB435B332EC70BB0CFA7DE1 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 13:03:38.0461 0x3280 tiledatamodelsvc - ok 13:03:38.0519 0x3280 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 13:03:38.0536 0x3280 TimeBroker - ok 13:03:38.0558 0x3280 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 13:03:38.0573 0x3280 TPM - ok 13:03:38.0595 0x3280 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\WINDOWS\System32\trkwks.dll 13:03:38.0624 0x3280 TrkWks - ok 13:03:38.0699 0x3280 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 13:03:38.0758 0x3280 TrustedInstaller - ok 13:03:38.0778 0x3280 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 13:03:38.0853 0x3280 TsUsbFlt - ok 13:03:38.0877 0x3280 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 13:03:38.0910 0x3280 TsUsbGD - ok 13:03:38.0957 0x3280 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 13:03:38.0987 0x3280 tunnel - ok 13:03:39.0019 0x3280 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 13:03:39.0031 
0x3280 uagp35 - ok 13:03:39.0046 0x3280 [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 13:03:39.0057 0x3280 UASPStor - ok 13:03:39.0080 0x3280 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 13:03:39.0150 0x3280 UcmCx0101 - ok 13:03:39.0198 0x3280 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 13:03:39.0321 0x3280 UcmUcsi - ok 13:03:39.0346 0x3280 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 13:03:39.0360 0x3280 Ucx01000 - ok 13:03:39.0407 0x3280 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 13:03:39.0459 0x3280 UdeCx - ok 13:03:39.0483 0x3280 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 13:03:39.0507 0x3280 udfs - ok 13:03:39.0518 0x3280 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 13:03:39.0529 0x3280 UEFI - ok 13:03:39.0552 0x3280 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 13:03:39.0567 0x3280 Ufx01000 - ok 13:03:39.0585 0x3280 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 13:03:39.0598 0x3280 UfxChipidea - ok 13:03:39.0638 0x3280 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] 
ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 13:03:39.0649 0x3280 ufxsynopsys - ok 13:03:39.0681 0x3280 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 13:03:39.0698 0x3280 UI0Detect - ok 13:03:39.0713 0x3280 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 13:03:39.0724 0x3280 uliagpkx - ok 13:03:39.0748 0x3280 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 13:03:39.0766 0x3280 umbus - ok 13:03:39.0786 0x3280 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 13:03:39.0818 0x3280 UmPass - ok 13:03:39.0876 0x3280 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\WINDOWS\System32\umrdp.dll 13:03:39.0909 0x3280 UmRdpService - ok 13:03:39.0981 0x3280 [ A4A5FF89F65D8D1AA3A769654AD8DBC0, 9C792595F7E90C6074BC0FF5A63C9A19449E2F2E2780087BBF12A72658437EE0 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 13:03:40.0127 0x3280 UnistoreSvc - ok 13:03:40.0284 0x3280 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 13:03:40.0295 0x3280 UNS - ok 13:03:40.0339 0x3280 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\WINDOWS\System32\upnphost.dll 13:03:40.0381 0x3280 upnphost - ok 13:03:40.0404 0x3280 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 13:03:40.0415 0x3280 UrsChipidea - ok 13:03:40.0428 0x3280 
[ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 13:03:40.0439 0x3280 UrsCx01000 - ok 13:03:40.0443 0x3280 [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 13:03:40.0453 0x3280 UrsSynopsys - ok 13:03:40.0479 0x3280 [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 13:03:40.0493 0x3280 usbccgp - ok 13:03:40.0522 0x3280 [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 13:03:40.0554 0x3280 usbcir - ok 13:03:40.0569 0x3280 [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 13:03:40.0580 0x3280 usbehci - ok 13:03:40.0630 0x3280 [ 15FE07A404C8A0CD306661433027FFE4, 250C5B4624EF062C88F49DCFEA00BFF1771EFE8B095EC4F0B51C99BB3F80EC66 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 13:03:40.0651 0x3280 usbhub - ok 13:03:40.0701 0x3280 [ 7E51F2AD1D729F5CDBB6BE21CB58FEB7, 4C9CBC7BE52EE80E3734ACF9AA6FC106FBAA9AE15FCDACB7E5100ED5CC041E80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 13:03:40.0723 0x3280 USBHUB3 - ok 13:03:40.0763 0x3280 [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 13:03:40.0872 0x3280 usbohci - ok 13:03:40.0899 0x3280 [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 13:03:40.0979 0x3280 usbprint - ok 13:03:41.0015 0x3280 [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser 
C:\WINDOWS\System32\drivers\usbser.sys 13:03:41.0111 0x3280 usbser - ok 13:03:41.0150 0x3280 [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 13:03:41.0163 0x3280 USBSTOR - ok 13:03:41.0179 0x3280 [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 13:03:41.0196 0x3280 usbuhci - ok 13:03:41.0216 0x3280 [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 13:03:41.0245 0x3280 usbvideo - ok 13:03:41.0269 0x3280 [ 0728504F9863774E56A54AE66C3F1E6B, 5BA3CC6D98A573AF10B56AF1748B39C83C92FC13E9D5CBF5B344C404A67D52DC ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 13:03:41.0288 0x3280 USBXHCI - ok 13:03:41.0381 0x3280 [ FD38DDBCC1699BAB0446B93C1245FE17, 0AADBE137FE4372C3FFF2E98CAB4522CBC16CA1CE9564FB3C53A896A1B4E6EC2 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 13:03:41.0490 0x3280 UserDataSvc - ok 13:03:41.0547 0x3280 [ E9E2B5FFBEFC2CDF14A6E55DD94CC823, A10C011835A65601B8FE3A30F361C224C60084A78085842ADCDA248047530CD1 ] UserManager C:\WINDOWS\System32\usermgr.dll 13:03:41.0592 0x3280 UserManager - ok 13:03:41.0648 0x3280 [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc C:\WINDOWS\system32\usocore.dll 13:03:41.0762 0x3280 UsoSvc - ok 13:03:41.0788 0x3280 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc C:\WINDOWS\system32\lsass.exe 13:03:41.0799 0x3280 VaultSvc - ok 13:03:41.0810 0x3280 [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 13:03:41.0821 0x3280 vdrvroot - ok 13:03:41.0921 0x3280 [ 0C3F4E7684C1D72E85A98689E65A98A1, 
F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds C:\WINDOWS\System32\vds.exe 13:03:41.0984 0x3280 vds - ok 13:03:42.0025 0x3280 [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 13:03:42.0039 0x3280 VerifierExt - ok 13:03:42.0073 0x3280 [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 13:03:42.0099 0x3280 vhdmp - ok 13:03:42.0125 0x3280 [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf C:\WINDOWS\System32\drivers\vhf.sys 13:03:42.0155 0x3280 vhf - ok 13:03:42.0171 0x3280 [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 13:03:42.0185 0x3280 vmbus - ok 13:03:42.0205 0x3280 [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 13:03:42.0217 0x3280 VMBusHID - ok 13:03:42.0297 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 13:03:42.0329 0x3280 vmicguestinterface - ok 13:03:42.0352 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 13:03:42.0377 0x3280 vmicheartbeat - ok 13:03:42.0389 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 13:03:42.0414 0x3280 vmickvpexchange - ok 13:03:42.0426 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 13:03:42.0450 0x3280 vmicrdv - ok 13:03:42.0461 
0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 13:03:42.0486 0x3280 vmicshutdown - ok 13:03:42.0498 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 13:03:42.0523 0x3280 vmictimesync - ok 13:03:42.0535 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll 13:03:42.0560 0x3280 vmicvmsession - ok 13:03:42.0572 0x3280 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 13:03:42.0596 0x3280 vmicvss - ok 13:03:42.0634 0x3280 [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 13:03:42.0645 0x3280 volmgr - ok 13:03:42.0655 0x3280 [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 13:03:42.0674 0x3280 volmgrx - ok 13:03:42.0684 0x3280 [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 13:03:42.0702 0x3280 volsnap - ok 13:03:42.0735 0x3280 [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 13:03:42.0746 0x3280 vpci - ok 13:03:42.0792 0x3280 [ 78836108CF5AC6A0B365AC50A72F16D6, 53130B29A84E1CB5E96B81137DF7CFA69BF2A3C7E884ED45069BA9F5438776C1 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 13:03:42.0807 0x3280 vpnagent - ok 13:03:42.0852 0x3280 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva 
C:\WINDOWS\System32\drivers\vpnva64-6.sys 13:03:42.0873 0x3280 vpnva - ok 13:03:42.0896 0x3280 [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 13:03:42.0909 0x3280 vsmraid - ok 13:03:42.0968 0x3280 [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS C:\WINDOWS\system32\vssvc.exe 13:03:43.0039 0x3280 VSS - ok 13:03:43.0090 0x3280 [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 13:03:43.0107 0x3280 VSTXRAID - ok 13:03:43.0148 0x3280 [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 13:03:43.0209 0x3280 vwifibus - ok 13:03:43.0227 0x3280 [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 13:03:43.0252 0x3280 vwififlt - ok 13:03:43.0256 0x3280 [ 37C868DDE3103130B00AD1313DAB5ACB, BF9C30817A3502F5C0673FD462B18FE1BF37963B29DF09D84B66BDCBF8ECBA81 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 13:03:43.0303 0x3280 vwifimp - ok 13:03:43.0356 0x3280 [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time C:\WINDOWS\system32\w32time.dll 13:03:43.0394 0x3280 W32Time - ok 13:03:43.0410 0x3280 [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 13:03:43.0433 0x3280 WacomPen - ok 13:03:43.0490 0x3280 [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService C:\WINDOWS\system32\WalletService.dll 13:03:43.0569 0x3280 WalletService - ok 13:03:43.0594 0x3280 [ E9E22E116F810DAC98C5EC207F24C916, 
In queue: 264
13:03:57.0762 0x3280 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x40000 ( disabled : updated )
13:03:57.0780 0x3280 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
13:03:57.0788 0x3280 Win FW state via NFP2: enabled ( trusted )
13:04:00.0143 0x3280 ============================================================
13:04:00.0143 0x3280 Scan finished
13:04:00.0143 0x3280 ============================================================
13:04:00.0150 0x329c Detected object count: 0
13:04:00.0150 0x329c Actual detected object count: 0
13:04:16.0671 0x29ec Deinitialize success |
15.08.2015, 06:07 | #8 |
/// the machine /// TB trainer | Win 10 system.exe causes high memory usage + adware problem
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.08.2015, 13:48 | #9 |
| Win 10 system.exe causes high memory usage + adware problem
Adw Cleaner Code:
# AdwCleaner v4.201 - Bericht erstellt 16/08/2015 um 14:16:27
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-08-16.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Kris - MUEEMUII
# Gestarted von : C:\Users\Kris\Desktop\adwcleaner_4.201 (1).exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Kris\AppData\Local\YSearchUtil
***** [ Geplante Tasks ] *****
Task Gelöscht : simplitec Power Suite
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.10240.16412
-\\ Mozilla Firefox v
-\\ Google Chrome v44.0.2403.155
*************************
AdwCleaner[R0].txt - [11873 Bytes] - [10/03/2014 21:10:12]
AdwCleaner[R1].txt - [1949 Bytes] - [18/05/2014 19:37:26]
AdwCleaner[R2].txt - [1554 Bytes] - [09/07/2014 19:37:47]
AdwCleaner[R3].txt - [1814 Bytes] - [22/11/2014 16:28:27]
AdwCleaner[R4].txt - [2133 Bytes] - [21/03/2015 17:31:22]
AdwCleaner[R5].txt - [3573 Bytes] - [09/04/2015 11:28:52]
AdwCleaner[R6].txt - [2964 Bytes] - [18/04/2015 21:57:34]
AdwCleaner[R7].txt - [2965 Bytes] - [18/04/2015 21:58:04]
AdwCleaner[R8].txt - [2906 Bytes] - [19/04/2015 20:44:40]
AdwCleaner[R9].txt - [2050 Bytes] - [16/08/2015 14:13:23]
AdwCleaner[S0].txt - [10400 Bytes] - [10/03/2014 21:11:47]
AdwCleaner[S1].txt - [2010 Bytes] - [18/05/2014 19:40:25]
AdwCleaner[S2].txt - [1875 Bytes] - [22/11/2014 16:33:48]
AdwCleaner[S3].txt - [2138 Bytes] - [21/03/2015 17:35:13]
AdwCleaner[S4].txt - [3024 Bytes] - [18/04/2015 21:58:56]
AdwCleaner[S5].txt - [2965 Bytes] - [19/04/2015 20:45:51]
AdwCleaner[S6].txt - [1924 Bytes] - [16/08/2015 14:16:27]
########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1983 Bytes] ##########
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 10 Home x64
Ran by Kris on 16.08.2015 at 14:32:30,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Kris\AppData\Roaming\my_intel.sys
Successfully deleted: [File] C:\Users\Kris\AppData\Roaming\sp_data.sys
Successfully deleted: [File] C:\Users\Kris\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage
Successfully deleted: [File] C:\Users\Kris\Appdata\Local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage-journal
~~~ Folders
~~~ Chrome
[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Kris\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: []
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.08.2015 at 14:36:36,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22] CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26] CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13] CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22] CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14] CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26] CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14] CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07] CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19] CHR 
Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14] CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19] CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22] CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22] CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31] CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14] CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) 
- C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22] CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21] CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28] CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26] CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. 
KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) S2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation) S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation) R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation) S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation) S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation) S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation) S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation) S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation) S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation) S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation) R3 LicenseManager; 
C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation) S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation) S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation) S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation) S2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG) S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation) R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation) R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation) S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 
2015-07-10] (Microsoft Corporation) R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation) S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation) S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation) S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] () R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG) R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation) R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.) R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] () R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation) S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation) R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation) S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox) S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox) S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation) R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation) R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] 
(Microsoft Corporation) S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.) S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation) S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.) R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation) R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation) S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox) S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox) S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation) S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
NETSVC: dosvc -> C:\Windows\system32\dosvc.dll (Microsoft Corporation) NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation) NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation) NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation) NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation) NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation) NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation) NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation) NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation) NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation) NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation) NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-16 14:36 - 2015-08-16 14:36 - 00001651 _____ C:\Users\Kris\Desktop\JRT.txt 2015-08-16 14:32 - 2015-08-16 14:32 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Kris\Desktop\JRT.exe 2015-08-16 14:25 - 2015-08-16 14:25 - 00002063 _____ C:\Users\Kris\Desktop\AdwCleaner[S6].txt 2015-08-16 14:22 - 2015-08-16 14:22 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin 2015-08-16 02:28 - 2015-08-12 10:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-16 02:28 - 2015-08-12 10:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-14 19:04 - 2015-08-16 14:25 - 00001865 _____ C:\Users\Kris\Desktop\chrome - Verknüpfung.lnk 2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit 2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Downloads\mbae-setup-1.07.1.1015.exe 2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Desktop\mbae-setup-1.07.1.1015 (1).exe 2015-08-14 15:54 - 2015-08-16 14:25 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2015-08-14 13:00 - 2015-08-14 13:00 - 04383777 _____ C:\Users\Kris\Desktop\tdsskiller31.zip 2015-08-14 12:59 - 2015-08-14 12:59 - 01199392 _____ C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe 2015-08-14 12:02 - 2015-08-14 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-14 11:54 - 2015-08-14 13:06 - 00000000 ____D C:\Users\Kris\Desktop\mbar 2015-08-14 11:51 - 2015-08-14 11:54 - 16502728 _____ (Malwarebytes Corp.) 
C:\Users\Kris\Desktop\mbar-1.09.1.1004.exe 2015-08-13 16:07 - 2015-08-13 16:07 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2015-08-13 16:06 - 2015-08-13 16:06 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll 2015-08-13 15:52 - 2015-08-13 15:52 - 00020966 _____ C:\Users\Kris\Desktop\FRST.rar 2015-08-13 15:15 - 2015-08-13 15:15 - 00931408 _____ (Google Inc.) C:\Users\Kris\Downloads\ChromeSetup.exe 2015-08-13 15:15 - 2015-08-13 15:15 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-13 14:59 - 2015-08-13 14:59 - 00281672 _____ C:\WINDOWS\Minidump\081315-24453-01.dmp 2015-08-13 14:55 - 2015-08-13 15:00 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2015-08-13 14:53 - 2015-08-13 15:04 - 00000000 ____D C:\WINDOWS\pss 2015-08-13 14:27 - 2015-08-13 14:27 - 00309880 _____ C:\WINDOWS\Minidump\081315-37734-01.dmp 2015-08-13 14:26 - 2015-08-13 14:26 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-13 14:26 - 2015-08-13 14:26 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-13 14:06 - 2015-08-13 14:59 - 00000000 ____D C:\WINDOWS\Minidump 2015-08-13 14:06 - 2015-08-13 14:06 - 00314784 _____ C:\WINDOWS\Minidump\081315-50421-01.dmp 2015-08-13 14:05 - 2015-08-13 14:59 - 453504137 _____ C:\WINDOWS\MEMORY.DMP 2015-08-13 13:59 - 2015-08-13 14:01 - 00380416 _____ C:\Users\Kris\Desktop\Gmer-19357.exe 2015-08-13 13:54 - 2015-08-13 15:49 - 00081290 _____ C:\Users\Kris\Desktop\Addition.txt 2015-08-13 13:52 - 2015-08-16 14:42 - 00035745 _____ C:\Users\Kris\Desktop\FRST.txt 2015-08-13 13:52 - 2015-08-13 13:52 - 02173952 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe 2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log 2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable 2015-08-13 13:46 - 2015-08-13 
13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe 2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-08-11 20:56 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-11 20:56 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-11 20:56 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-11 20:56 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-11 20:56 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-08-11 20:56 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-11 20:56 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-11 20:56 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-11 20:56 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-11 20:56 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-11 20:56 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-11 20:56 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-11 20:56 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-11 20:56 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2015-08-11 20:56 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2015-08-11 20:56 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-11 20:56 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) 
21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2015-08-07 21:52 - 2015-08-07 
21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\usbser.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll 2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\TsWpfWrp.exe 2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-08-07 21:08 - 2015-08-13 15:04 - 00000000 ____D C:\Users\Kris 2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL 
C:\Users\UpdatusUser\Vorlagen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf 2015-08-07 21:08 - 
2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast 2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL 
C:\Users\Gast\Documents\Eigene Bilder 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek 2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-08-07 20:58 - 2015-08-16 14:19 - 00012090 _____ C:\WINDOWS\PFRO.log 2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log 2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF 2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ 
(Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe 2015-07-30 22:45 
- 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) 
C:\WINDOWS\system32\igfxTray.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl 2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) 
C:\WINDOWS\system32\igfxCoIn_v4252.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( 
) C:\WINDOWS\system32\igfxLHMLib.dll 2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys 2015-07-20 22:20 - 2015-08-14 17:49 - 00000000 ____D C:\Program Files (x86)\Hippsoft 2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb 2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL 2015-07-20 
22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll 2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL 2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip 2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe 2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes 2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod 2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-07-17 20:40 - 2015-07-17 20:54 - 00011112 ____H C:\Users\Kris\Desktop\~WRL0006.tmp |
16.08.2015, 13:49 | #10 |
| Win 10 system.exe causes high memory usage + adware problem FRST part 2 Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-16 14:42 - 2014-05-18 19:08 - 00000000 ____D C:\FRST 2015-08-16 14:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-16 14:30 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-16 14:26 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox 2015-08-16 14:26 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox 2015-08-16 14:24 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive 2015-08-16 14:24 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-16 14:22 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-16 14:22 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job 2015-08-16 14:19 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-08-16 14:19 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-08-16 14:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-16 14:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job 2015-08-16 14:16 - 2014-03-10 21:10 - 00000000 ____D C:\AdwCleaner 2015-08-16 14:10 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype 2015-08-16 14:10 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify 2015-08-16 14:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-16 13:56 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593} 2015-08-16 13:52 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-16 13:51 - 2012-10-27 
11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify 2015-08-16 03:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-15 12:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-15 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job 2015-08-14 18:52 - 2012-10-13 11:50 - 00000000 ____D C:\WINDOWS\ASUSProductDemoMovie 2015-08-14 17:52 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-14 11:55 - 2015-04-19 17:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-08-14 11:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-13 21:46 - 2015-07-10 14:20 - 00020861 _____ C:\WINDOWS\setupact.log 2015-08-13 14:22 - 2012-10-26 22:10 - 00002330 _____ C:\Users\Kris\Desktop\Google Chrome.lnk 2015-08-13 14:19 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 23:28 - 2015-05-09 01:57 - 00003728 _____ 
C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle 2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java 2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial) 2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-08-08 12:03 - 2015-07-10 18:34 - 00772342 _____ 
C:\WINDOWS\system32\perfh007.dat 2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages 2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX 2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT 2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default 2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml 2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml 2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration 2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} 2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} 2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} 2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA 2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ 
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core 2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider 2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper 2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64) 2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update 2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries 2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism 2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew 2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM 2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix 2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player 2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ 
Malwarebytes Anti-Malware 2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau 2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek 2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software 2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software 2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de 2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0 2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace 2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape 2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series 2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-07 21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M 2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log 2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D 
C:\WINDOWS\system32\IME 2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive 2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information 2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX 2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco 2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl 2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA 2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite 2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD 2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache 2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery 2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages 2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2015-08-07 21:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help 2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log 2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT 2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien 2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive 2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini 2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-07-17 20:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\Common Files\atimpenc.dll 2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan 2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG 2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420 2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml 2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat 2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe 2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log 2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\fontcacheev1.dat Einige Dateien in TEMP: ==================== C:\Users\Kris\AppData\Local\Temp\avgnt.exe C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdhbm1q.dll C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\Kris\AppData\Local\Temp\Quarantine.exe C:\Users\Kris\AppData\Local\Temp\sqlite3.dll C:\Users\Kris\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-07 20:58 ==================== Ende von Ergebnis ============================ |
17.08.2015, 07:17 | #11 |
/// the machine /// TB Trainer | Win 10 system.exe causes high memory usage + adware problem
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.08.2015, 00:14 | #12 |
| Win 10 system.exe causes high memory usage + adware problem
The memory usage of system.exe is still constantly between 50 and 60%, which continues to puzzle me. The unwanted advertising tabs in the browser still appear at irregular intervals (tradeadexchange.com, according to Google a redirect virus). Recently the laptop has also been waking from hibernation on its own, with the lid closed, without my doing anything.
ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=803d0ccec67eed4bad4e8c81b805d106 # engine=23456 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-04-19 05:16:10 # local_time=2015-04-19 07:16:10 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 3119038 30563768 0 0 # scanned=372994 # found=24 # cleaned=24 # scan_time=7413 sh=03DA527ADCC24EB7FF12CD2D44FD8274F5F29740 ft=1 fh=783ba74c95f91fff vn="Variante von Win32/KBM.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-2324392281-2098655948-2250387561-1002\$RFA7Y2W\Downloads\TubeBoxSetup_3.6.exe" sh=296D957AB83527E175A38C3525B3718A832EB5D1 ft=1 fh=4df0223cfa146604 vn="Variante von Win32/InstallCore.YX evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\FoxTab\1.8.12.0\uninstall.exe.vir" sh=52972C9675D994680B2005684774DC696DB8B4F4 ft=1 fh=5fee560e97c297ec vn="Variante von Win32/Toolbar.CrossRider.BP evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\Uninstall.exe.vir" sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\102_dealply_m.js.vir" sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\103_intext_5_m.js.vir" sh=30630D311A124BA372D209C02247D8A4238E3610 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\104_jollywallet_m.js.vir" sh=04253E738106628805978963C1648F429CD2A08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\105_corticas_m.js.vir" sh=E5DA6BC389AFE8C4BE0D4BDF007094964623BEE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\123_intext_adv_m.js.vir" sh=84CA9AA694BCAE4779C18F493E7083124A3126C5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\155_ibario_pops_m.js.vir" sh=D9DF0722882055C5C11AFD602D505B2E7EA9AFC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\184_noproblemppc_m.js.vir" sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\191_ciuvo_m.js.vir" sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\1_base.js.vir" sh=04233EDE7DF01DAC825FEAD78765038021632584 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\217_similar_products_m.js.vir" sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\21_debug.js.vir" sh=7CD82C8AAFF59D7A1E7625012490985C70AD0157 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\223_imonomy_m.js.vir" sh=5E80029240BA4FF3B3E3010BB40E6867D0999160 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\226_set_campaign_id_m.js.vir" sh=DE138BFD2293B4197712198C41377CE6A89E6200 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js.vir" sh=E0F8250FB3FFBCB394862C11971C43A7B3B6BD17 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js.vir" sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\28_initializer.js.vir" sh=912FAF0450579FD05E9707FC66B1902406FCA106 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\91_monetizationLoader.js.js.vir" sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir" sh=CCE2C38E8E351E54EF7624D60D5C8E8943A8C1D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\crossriderAPI.js.vir" sh=E337F837D913C4B95AB15A2F3B0B8BB3DE1F24CD ft=1 fh=c36220f4d76b2bd7 vn="Variante von Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kris\Downloads\COMPUTER_BILD_Download_Manager_fuer_super.exe" sh=0818187D30162FA4097CA2720BBD8BFD12954F96 ft=1 fh=7453b3f781b5f728 vn="Win32/Somoto.E evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Kris\Downloads\spotydl_setup.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=803d0ccec67eed4bad4e8c81b805d106 # end=init # utc_time=2015-08-17 06:34:59 # local_time=2015-08-17 08:34:59 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 25319 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=803d0ccec67eed4bad4e8c81b805d106 # end=updated # utc_time=2015-08-17 06:37:43 # local_time=2015-08-17 08:37:43 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=803d0ccec67eed4bad4e8c81b805d106 # engine=25319 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-08-17 11:01:41 # local_time=2015-08-18 01:01:41 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 124266 3326513 0 0 # scanned=547050 # found=20 # cleaned=0 # scan_time=15838 sh=19D455644F52F420BF86992C52DB41BC4F7E417D ft=1 fh=babc80087522ba7f vn="Variante von Win32/Toolbar.SearchSuite.Z evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2324392281-2098655948-2250387561-1002\$RFA7Y2W\Downloads\iLividSetupV1.exe" sh=3B861553E2E5AB5258BAE46D7A6FD4EAE9705B69 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\extensionData\plugins\19_CHAppAPIWrapper.js.vir" sh=34C11A75B2A93EDE2B3B945AA6A09250EF5C06F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\background.js.vir" sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\chrome.js.vir" sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\cookie.js.vir" sh=FD2A3FEFF97D325433D2011C5ED5755B6D6A8FAA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\message.js.vir" sh=F12AB7ECE7B656776B6C51962B568E2ABCDE1D4D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\api\monitor.js.vir" sh=CA4563F63D05349DF3C504C456185B7559177496 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\bg_app_api.js.vir" sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\cookie_store.js.vir" sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\events.js.vir" sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\onBGDocumentLoad.js.vir" sh=09D5AE4A80F65C6B9123A1F494E3E181BF3C46FD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\reports.js.vir" sh=BE038417E468CAA3BBA91CFFD2F554922504407C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\util.js.vir" sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.44_0\js\lib\xhr.js.vir" sh=857298C245BA0FF941DEEB2076909FAAA104753C ft=1 fh=2c1a80c17e3381fc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\AppData\Local\Temp\DMR\dmr_72.exe" sh=C9C69D7E104EA42CAC6878C0E279E554F3A11786 ft=1 fh=c8da3fa161fa276a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe" sh=CCC3C605E77CEC47B534E10C0FFCFF4D6C35CEEE ft=1 fh=99083e1f788b276c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\CPUCooL - CHIP-Installer.exe" sh=888532B25A4A5C9198CD66B079F429D3422299BA ft=1 fh=781e833f0d214a22 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe" sh=3CC59BF055481B3EF66FD60CDB20AEFF405B1D65 ft=1 fh=3b342e5d960a15c0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Kris\Downloads\PDF XChange Viewer - CHIP-Installer.exe" sh=E44E6F3626CF698E642A56062DBE63EEBB12B8D2 ft=1 fh=37f4854510caa11a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Kris\AppData\Local\Temp\DMR\dmr_72.exe" Security Check: Code:
Results of screen317's Security Check version 1.006
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 8 Update 51
Google Chrome (44.0.2403.155)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Exploit mbae-svc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Malwarebytes Anti-Exploit mbae64.exe
Malwarebytes Anti-Exploit mbae.exe
Windows Defender MpCmdRun.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Edited by Itkuraita (18.08.2015 at 00:27)
18.08.2015, 00:15 | #13
Win 10 system.exe causes high memory usage + adware problem

FRST 1

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015 durchgeführt von Kris (Administrator) auf MUEEMUII (18-08-2015 01:08:16) Gestartet von C:\Users\Kris\Desktop Geladene Profile: Kris & (Verfügbare Profile: UpdatusUser & Kris & Gast) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Dropbox, Inc.) C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\SpotifyCrashService.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd) C:\Users\Kris\AppData\Roaming\Spotify\Spotify.exe (Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Kris\Desktop\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-03-13] (Copyright 2013 SAMSUNG) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) 
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-03-12] (Cisco Systems, Inc.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Kris\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3E81765752FF83C4DA6B3E36D2D9EEDD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.) 
HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Kris\AppData\Roaming\Spotify\spotify.exe [7675448 2015-08-07] (Spotify Ltd) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [7805120 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [177088 2015-07-13] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-13] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-13] ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.) Startup: C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09] ShortcutTarget: Dropbox.lnk -> C:\Users\Kris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kris\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den 
Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-2324392281-2098655948-2250387561-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3314759&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP64E0EB6E-F346-4327-B53C-93E520419F5B&q={searchTerms}&SSPV= SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {5548B853-707A-48C9-B81C-7B6F5BAFE839} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-2324392281-2098655948-2250387561-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-10-31] (RealPlayer) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> 
C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-11] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-11] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e85dc7f5-fdb6-417a-a0e3-22ed0cc4fa99}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei] FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-10-31] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-10-31] (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-10-31] (RealPlayer) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [Keine Datei] FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online) FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.) 
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Kris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-09] (Citrix Online)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2324392281-2098655948-2250387561-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll Keine Datei
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-10-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adguard AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2015-03-22]
CHR Extension: (YouTube) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-26]
CHR Extension: (Adblock Plus) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-11-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-03-22]
CHR Extension: (FB Auto-Poker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhccgdbmajoblcbfbgmhnpiecmjiadh [2012-11-14]
CHR Extension: (Google Search) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-26]
CHR Extension: (PanicButton) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm [2012-11-14]
CHR Extension: (iCloud Bookmarks) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-07-07]
CHR Extension: (Avira Browser Safety) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-04-19]
CHR Extension: (FoxyProxy Standard) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2012-11-14]
CHR Extension: (Hide My AdBlocker) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gihcngphjjankfngmgdkihhngndcdflc [2015-04-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2012-11-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-03-22]
CHR Extension: (Speed Dial 3™) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfgjjcbbihjnpdommbepdkpfnkkapnbh [2015-03-22]
CHR Extension: (Stealthy) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2012-11-14]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-10-31]
CHR Extension: (Adblock Super) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-03-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-22]
CHR Extension: (Ghostery) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Psykopaint) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2013-02-28]
CHR Extension: (Gmail) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-26]
CHR Extension: (SoundCloud Storm) - C:\Users\Kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\plkfceapbcmjkgdffihdaebnfblcjfbf [2012-11-14]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-10-31]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-03] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-03] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [326144 2015-07-10] (Microsoft Corporation)
S3 CDPSvc; C:\Windows\System32\CDPSvc.dll [134144 2015-07-10] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [808856 2015-08-07] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [510976 2015-08-07] (Microsoft Corporation)
S2 CPUCooLServer; C:\Program Files (x86)\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [Datei ist nicht signiert]
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [27136 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [267776 2015-07-10] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [193024 2015-07-10] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [87040 2015-07-10] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [275456 2015-07-10] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [148992 2015-08-07] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328608 2015-07-30] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R3 lfsvc; C:\Windows\SysWOW64\lfsvc.dll [22528 2015-07-10] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [21504 2015-07-10] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [62464 2015-07-10] (Microsoft Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [296960 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R2 OneSyncSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [289280 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [988672 2015-08-03] (Microsoft Corporation)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-03-13] (Copyright 2013 SAMSUNG)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1031680 2015-08-07] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [2674176 2015-07-10] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [2049024 2015-07-10] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1203200 2015-08-07] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\SysWOW64\unistore.dll [925696 2015-08-07] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UnistoreSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1420288 2015-07-30] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
R3 UserDataSvc_Session1; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\ICSvc.dll [506880 2015-07-10] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [504320 2015-07-10] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [918016 2015-07-10] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1149440 2015-07-10] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1019392 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 adgnetworktdidrv; C:\Windows\System32\drivers\adgnetworktdidrv.sys [61432 2015-06-02] ()
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4325544 2015-06-26] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys [39936 2015-07-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3436896 2015-07-10] (QLogic Corporation)
R2 EkaProt6; C:\Windows\system32\DRIVERS\ekaprot6.sys [27288 2012-03-23] (Ekahau Inc.)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [83968 2015-07-10] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20992 2015-07-10] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2015-07-10] (Microsoft Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [424800 2015-07-10] (Mellanox)
S3 IoQos; C:\Windows\System32\drivers\ioqos.sys [26624 2015-07-10] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [99168 2015-07-10] (Avago Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [705376 2015-07-10] (Mellanox)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [76128 2015-07-10] (Mellanox)
U1 ntiopnp; C:\Windows\System32\Drivers\ntiopnp.sys [19544 2010-11-11] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [61952 2015-07-10] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys [17760 2015-07-10] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-06-21] (Anchorfree Inc.)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [61952 2015-07-10] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [46080 2015-08-07] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc.)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [106520 2015-07-10] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2015-07-10] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [26976 2015-07-10] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [59232 2015-07-10] (Mellanox)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [222720 2015-07-10] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [25600 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-18 01:08 - 2015-08-18 01:08 - 00000000 ____D C:\Users\Kris\Desktop\FRST-OlderVersion 2015-08-18 00:44 - 2015-08-18 00:44 - 00016148 _____ C:\WINDOWS\system32\MUEEMUII_Kris_HistoryPrediction.bin 2015-08-17 20:39 - 2015-08-18 01:02 - 00852684 _____ C:\Users\Kris\Desktop\SecurityCheck.exe 2015-08-17 20:33 - 2015-08-17 20:33 - 02870984 _____ (ESET) C:\Users\Kris\Desktop\esetsmartinstaller_deu (1).exe 2015-08-16 23:51 - 2015-08-16 23:51 - 01260832 _____ C:\Users\Kris\Downloads\CPUCooL - CHIP-Installer.exe 2015-08-16 23:51 - 2015-08-16 23:51 - 00001066 _____ C:\Users\Kris\Desktop\CPUCooL.lnk 2015-08-16 23:51 - 2015-08-16 23:51 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPUCooL 2015-08-16 23:51 - 2015-08-16 23:51 - 00000000 ____D C:\Program Files (x86)\CPUCooL 2015-08-16 16:08 - 2015-08-16 16:09 - 00000401 _____ C:\Users\Kris\AppData\Roaming\sp_data.sys 2015-08-16 16:02 - 2015-08-16 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2015-08-16 14:36 - 2015-08-16 14:36 - 00001651 _____ C:\Users\Kris\Desktop\JRT.txt 2015-08-16 14:32 - 2015-08-16 14:32 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Kris\Desktop\JRT.exe 2015-08-16 14:25 - 2015-08-16 14:25 - 00002063 _____ C:\Users\Kris\Desktop\AdwCleaner[S6].txt 2015-08-16 02:28 - 2015-08-12 10:57 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-16 02:28 - 2015-08-12 10:22 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-14 19:04 - 2015-08-16 14:25 - 00001865 _____ C:\Users\Kris\Desktop\chrome - Verknüpfung.lnk 2015-08-14 18:51 - 2015-08-16 22:48 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit 2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit 2015-08-14 18:51 - 2015-08-14 18:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes 
Anti-Exploit 2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Downloads\mbae-setup-1.07.1.1015.exe 2015-08-14 18:50 - 2015-08-14 18:50 - 02865192 _____ (Malwarebytes ) C:\Users\Kris\Desktop\mbae-setup-1.07.1.1015 (1).exe 2015-08-14 15:54 - 2015-08-16 16:12 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture 2015-08-14 13:00 - 2015-08-14 13:00 - 04383777 _____ C:\Users\Kris\Desktop\tdsskiller31.zip 2015-08-14 12:59 - 2015-08-14 12:59 - 01199392 _____ C:\Users\Kris\Desktop\TDSSKiller - CHIP-Installer.exe 2015-08-14 12:02 - 2015-08-14 18:56 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-14 11:54 - 2015-08-14 13:06 - 00000000 ____D C:\Users\Kris\Desktop\mbar 2015-08-14 11:51 - 2015-08-14 11:54 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Kris\Desktop\mbar-1.09.1.1004.exe 2015-08-13 16:07 - 2015-08-13 16:07 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher 2015-08-13 16:06 - 2015-08-13 16:06 - 00065456 _____ C:\WINDOWS\system32\ASGCoInstaller_x64.dll 2015-08-13 15:52 - 2015-08-13 15:52 - 00020966 _____ C:\Users\Kris\Desktop\FRST.rar 2015-08-13 15:15 - 2015-08-13 15:15 - 00931408 _____ (Google Inc.) 
C:\Users\Kris\Downloads\ChromeSetup.exe 2015-08-13 15:15 - 2015-08-13 15:15 - 00002330 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-13 14:59 - 2015-08-13 14:59 - 00281672 _____ C:\WINDOWS\Minidump\081315-24453-01.dmp 2015-08-13 14:55 - 2015-08-13 15:00 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2015-08-13 14:53 - 2015-08-13 15:04 - 00000000 ____D C:\WINDOWS\pss 2015-08-13 14:27 - 2015-08-13 14:27 - 00309880 _____ C:\WINDOWS\Minidump\081315-37734-01.dmp 2015-08-13 14:26 - 2015-08-13 14:26 - 00003556 _____ C:\WINDOWS\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-13 14:26 - 2015-08-13 14:26 - 00003496 _____ C:\WINDOWS\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-13 14:06 - 2015-08-13 14:59 - 00000000 ____D C:\WINDOWS\Minidump 2015-08-13 14:06 - 2015-08-13 14:06 - 00314784 _____ C:\WINDOWS\Minidump\081315-50421-01.dmp 2015-08-13 14:05 - 2015-08-13 14:59 - 453504137 _____ C:\WINDOWS\MEMORY.DMP 2015-08-13 13:59 - 2015-08-13 14:01 - 00380416 _____ C:\Users\Kris\Desktop\Gmer-19357.exe 2015-08-13 13:54 - 2015-08-13 15:49 - 00081290 _____ C:\Users\Kris\Desktop\Addition.txt 2015-08-13 13:52 - 2015-08-18 01:08 - 02173440 _____ (Farbar) C:\Users\Kris\Desktop\FRST64.exe 2015-08-13 13:52 - 2015-08-18 01:08 - 00046104 _____ C:\Users\Kris\Desktop\FRST.txt 2015-08-13 13:47 - 2015-08-13 13:47 - 00000470 _____ C:\Users\Kris\Desktop\defogger_disable.log 2015-08-13 13:47 - 2015-08-13 13:47 - 00000000 _____ C:\Users\Kris\defogger_reenable 2015-08-13 13:46 - 2015-08-13 13:46 - 00050477 _____ C:\Users\Kris\Desktop\Defogger (1).exe 2015-08-12 17:13 - 2015-08-12 17:13 - 00000000 ____D C:\WINDOWS\PCHEALTH 2015-08-11 20:56 - 2015-08-08 09:30 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-11 20:56 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2015-08-11 20:56 - 2015-08-08 09:19 - 
00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-08-11 20:56 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2015-08-11 20:56 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-08-11 20:56 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-08-11 20:56 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2015-08-11 20:56 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2015-08-11 20:56 - 2015-08-08 08:22 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-11 20:56 - 2015-08-08 08:21 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-11 20:56 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-08-11 20:56 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2015-08-11 20:56 - 2015-08-06 05:18 - 00290768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-11 20:56 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2015-08-11 20:56 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2015-08-11 20:56 - 2015-08-06 04:36 - 21874176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-11 20:56 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2015-08-11 20:56 - 2015-08-06 04:03 - 18805248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-11 20:56 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2015-08-11 20:56 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2015-08-11 20:56 - 2015-08-05 06:03 - 
02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-11 20:56 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2015-08-11 20:56 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-08-11 20:56 - 2015-08-05 05:47 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-11 20:56 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-08-11 20:56 - 2015-08-05 05:43 - 01916416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-11 20:56 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll 2015-08-11 20:56 - 2015-08-04 06:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-11 20:56 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2015-08-11 20:56 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2015-08-11 20:56 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2015-08-11 20:56 - 2015-08-04 05:50 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-11 20:56 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll 2015-08-11 20:56 - 2015-08-04 05:21 - 16709120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-11 20:56 - 2015-08-04 05:10 - 13025792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-11 20:56 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll 2015-08-11 20:56 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll 2015-08-11 20:56 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\NotificationObjFactory.dll 2015-08-11 20:56 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll 2015-08-11 20:56 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2015-08-11 20:56 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2015-08-11 20:56 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2015-08-11 20:56 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2015-08-11 20:56 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2015-08-11 20:56 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys 2015-08-11 20:56 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2015-08-11 20:56 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2015-08-11 20:56 - 2015-08-03 04:13 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-11 20:56 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2015-08-11 20:56 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) 
C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2015-08-11 20:56 - 2015-08-03 03:50 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-11 20:56 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2015-08-11 20:56 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2015-08-11 20:56 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll 2015-08-11 20:56 - 2015-08-03 03:24 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-11 20:56 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2015-08-11 20:56 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2015-08-11 20:56 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll 2015-08-11 20:56 - 2015-08-03 03:23 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-11 20:56 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2015-08-11 20:56 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2015-08-11 20:56 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-08-11 20:56 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll 2015-08-11 20:56 - 2015-08-03 03:22 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-11 20:56 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll 2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe 2015-08-11 20:56 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe 2015-08-11 20:56 - 2015-08-03 03:18 - 
12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-08-11 20:56 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2015-08-11 20:56 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll 2015-08-11 20:56 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2015-08-11 20:56 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2015-08-11 20:56 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2015-08-11 20:56 - 2015-08-03 03:14 - 00247808 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-11 20:56 - 2015-08-03 03:12 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-11 20:56 - 2015-08-03 03:12 - 01890304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-11 20:56 - 2015-08-03 03:12 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-11 20:56 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2015-08-11 20:56 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll 2015-08-11 20:56 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\msctfuimanager.dll 2015-08-11 20:56 - 2015-08-03 03:11 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-11 20:56 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2015-08-11 20:56 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe 2015-08-11 20:56 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2015-08-11 20:56 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll 2015-08-11 20:56 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2015-08-11 20:56 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-08-11 20:56 - 2015-08-03 03:00 - 01593856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-11 20:56 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll 2015-08-11 04:31 - 2015-08-11 04:31 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-10 17:48 - 2015-08-10 17:48 - 00000000 ____D C:\Users\Kris\AppData\Local\MicrosoftEdge 2015-08-10 17:41 - 2015-08-17 17:54 - 00002397 _____ C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-08-10 17:01 - 2015-08-10 17:01 - 00000000 ____D C:\Users\Kris\AppData\Local\NetworkTiles 2015-08-09 16:37 - 2015-08-09 16:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2015-08-08 12:18 - 2015-07-30 08:24 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2015-08-08 12:18 - 2015-07-30 08:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2015-08-08 12:18 - 2015-07-30 08:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:17 - 01200400 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-08-08 12:18 - 2015-07-30 08:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2015-08-08 12:18 - 2015-07-30 08:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll 2015-08-08 12:18 - 2015-07-30 08:09 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2015-08-08 12:18 - 2015-07-30 08:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-08 12:18 - 2015-07-30 08:05 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2015-08-08 12:18 - 2015-07-30 08:04 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-08 12:18 - 2015-07-30 08:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2015-08-08 12:18 - 2015-07-30 07:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll 2015-08-08 12:18 - 2015-07-30 06:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-08-08 12:18 - 2015-07-30 06:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2015-08-08 12:18 - 2015-07-30 06:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:25 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2015-08-08 12:18 - 2015-07-30 06:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:24 - 01769056 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-08 12:18 - 2015-07-30 06:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2015-08-08 12:18 - 2015-07-30 06:24 - 00285632 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MFPlay.dll 2015-08-08 12:18 - 2015-07-30 06:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 06:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2015-08-08 12:18 - 2015-07-30 06:21 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-08 12:18 - 2015-07-30 06:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2015-08-08 12:18 - 2015-07-30 06:12 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2015-08-08 12:18 - 2015-07-30 06:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-08 12:18 - 2015-07-30 06:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2015-08-08 12:18 - 2015-07-30 05:52 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-08 12:18 - 2015-07-30 05:52 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2015-08-08 12:18 - 2015-07-30 05:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll 2015-08-08 12:18 - 2015-07-30 05:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2015-08-08 12:18 - 2015-07-30 05:49 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-08 12:18 - 2015-07-30 05:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 00280064 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-08-08 12:18 - 2015-07-30 05:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2015-08-08 12:18 - 2015-07-30 05:42 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2015-08-08 12:18 - 2015-07-30 05:41 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2015-08-08 12:18 - 2015-07-30 05:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2015-08-08 12:18 - 2015-07-30 05:38 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-08-08 12:18 - 2015-07-30 05:34 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2015-08-08 12:18 - 2015-07-30 05:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2015-08-08 12:18 - 2015-07-30 05:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2015-08-08 12:18 - 2015-07-30 05:10 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-08 12:18 - 2015-07-30 05:06 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-08 12:18 - 2015-07-30 05:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2015-08-08 12:18 - 2015-07-30 05:04 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2015-08-08 12:18 - 2015-07-30 04:59 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2015-08-08 12:18 - 2015-07-30 04:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2015-08-08 12:17 - 2015-07-30 08:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2015-08-08 12:17 - 2015-07-30 06:42 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-08 12:17 - 2015-07-30 06:24 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 
2015-08-08 12:17 - 2015-07-30 06:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe 2015-08-08 12:17 - 2015-07-30 06:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2015-08-08 12:17 - 2015-07-30 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2015-08-08 12:17 - 2015-07-30 05:49 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-08 12:17 - 2015-07-30 05:46 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2015-08-08 12:17 - 2015-07-30 05:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2015-08-08 12:17 - 2015-07-30 05:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-08-08 12:17 - 2015-07-30 05:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll 2015-08-08 12:17 - 2015-07-30 05:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys 2015-08-08 12:17 - 2015-07-30 05:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll 2015-08-08 12:17 - 2015-07-30 05:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll 2015-08-08 12:17 - 2015-07-30 05:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2015-08-08 12:17 - 2015-07-30 05:10 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-08 12:17 - 2015-07-30 05:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll 2015-08-08 12:17 - 2015-07-30 05:06 - 00034816 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll 2015-08-08 11:58 - 2015-08-08 11:58 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-08-08 11:40 - 2015-08-08 11:45 - 00000000 ____D C:\ProgramData\AsusMissionManagerIni 2015-08-08 10:49 - 2015-08-08 10:49 - 00000000 ____D C:\Users\Kris\AppData\Local\Publishers 2015-08-08 10:21 - 2015-08-08 10:23 - 00000000 ____D C:\Users\Kris\AppData\Local\Comms 2015-08-08 10:17 - 2015-08-08 10:17 - 00000000 ____D C:\Users\Kris\AppData\Local\TileDataLayer 2015-08-08 10:16 - 2015-08-08 10:16 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-08-08 10:15 - 2015-08-08 10:15 - 00000020 ___SH C:\Users\Kris\ntuser.ini 2015-08-08 04:15 - 2015-08-13 16:07 - 00067354 _____ C:\WINDOWS\DPINST.LOG 2015-08-08 04:09 - 2015-08-10 17:14 - 00000000 ____D C:\ProgramData\SetupTPDriver 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Vorlagen 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Startmenü 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 
2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2015-08-08 03:03 - 2015-08-08 03:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-08-07 21:57 - 2015-08-07 21:06 - 00000000 __SHD C:\Recovery 2015-08-07 21:56 - 2015-08-08 03:30 - 00000000 ___DC C:\WINDOWS\Panther 2015-08-07 21:54 - 2015-08-07 21:54 - 00000000 ____D C:\Windows.old 2015-08-07 21:53 - 2015-08-07 21:53 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 03687936 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02878000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 02224128 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2015-08-07 21:53 - 2015-08-07 21:53 - 01085776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-08-07 21:53 - 2015-08-07 21:53 - 00916800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll 
2015-08-07 21:53 - 2015-08-07 21:53 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00420352 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00403968 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00242264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 
2015-08-07 21:53 - 2015-08-07 21:53 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-08-07 21:53 - 2015-08-07 21:53 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe 2015-08-07 21:53 - 2015-08-07 21:53 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2015-08-07 21:52 - 
2015-08-07 21:52 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01773056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-08-07 21:52 - 2015-08-07 
21:52 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-08-07 21:52 - 2015-08-07 21:52 - 00991584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 
2015-08-07 21:52 - 2015-08-07 21:52 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00677888 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00607008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00503296 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00412672 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2015-08-07 
21:52 - 2015-08-07 21:52 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2015-08-07 21:52 - 2015-08-07 
21:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00067072 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\usbser.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe 2015-08-07 21:52 - 2015-08-07 21:52 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys 2015-08-07 21:52 - 2015-08-07 21:52 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-08-07 21:52 - 2015-08-07 21:52 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll 2015-08-07 21:49 - 2015-08-07 21:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files\MSBuild 2015-08-07 21:47 - 2015-08-07 21:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-08-07 21:47 - 2015-08-07 21:22 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-08-07 21:46 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-08-07 21:46 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-07 21:46 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\TsWpfWrp.exe 2015-08-07 21:46 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-08-07 21:46 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-07 21:46 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-08-07 21:37 - 2015-08-08 12:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-08-07 21:27 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2015-08-07 21:19 - 2015-08-07 21:19 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Performix LLC 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Performix LLC 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2015-08-07 21:19 - 2015-08-07 21:19 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help 2015-08-07 21:10 - 2015-08-07 21:10 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2015-08-07 21:08 - 2015-08-13 15:04 - 00000000 ____D C:\Users\Kris 2015-08-07 21:08 - 2015-08-08 10:16 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:08 - 2015-08-07 21:10 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL 
C:\Users\UpdatusUser\Vorlagen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Vorlagen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Startmenü 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Netzwerkumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Lokale Einstellungen 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Eigene Dateien 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Druckumgebung 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Musik 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Documents\Eigene Bilder 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Verlauf 2015-08-07 21:08 - 
2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\AppData\Local\Anwendungsdaten 2015-08-07 21:08 - 2015-08-07 21:08 - 00000000 _SHDL C:\Users\Kris\Anwendungsdaten 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:07 - 2015-08-07 21:39 - 00000000 ____D C:\Users\Gast 2015-08-07 21:07 - 2015-08-07 21:09 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Startmenü 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL 
C:\Users\Gast\Documents\Eigene Bilder 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten 2015-08-07 21:07 - 2015-08-07 21:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-08-07 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-08-07 21:04 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\NV 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\WINDOWS\system32\NV 2015-08-07 21:04 - 2015-08-07 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-07 21:04 - 2015-07-13 19:37 - 06873744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 02558792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00937616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 
2015-08-07 21:04 - 2015-07-13 19:37 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00075080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2015-08-07 21:04 - 2015-07-13 19:37 - 00062792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2015-08-07 21:04 - 2015-07-13 18:28 - 05096627 _____ C:\WINDOWS\system32\nvcoproc.bin 2015-08-07 21:03 - 2015-08-07 21:11 - 00000000 ____D C:\Program Files\Intel 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\ProgramData\SonicFocus 2015-08-07 21:03 - 2015-08-07 21:03 - 00000000 ____D C:\Program Files\Realtek 2015-08-07 21:03 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-08-07 21:03 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-08-07 20:59 - 2015-08-07 20:59 - 00031060 _____ C:\WINDOWS\system32\NetSetupMig.log 2015-08-07 20:58 - 2015-08-16 14:19 - 00012090 _____ C:\WINDOWS\PFRO.log 2015-08-07 20:29 - 2015-08-08 01:53 - 00006719 _____ C:\WINDOWS\comsetup.log 2015-08-07 15:35 - 2015-08-07 15:35 - 00000000 ____D C:\Users\Kris\AppData\Local\CEF 2015-07-30 22:46 - 2015-07-30 22:46 - 12334064 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 11905424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 11053040 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 10574976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 04636608 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 03668768 _____ 
(Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 01155984 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 01151832 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00467688 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00378816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00229648 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00199080 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00194352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00169352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2015-07-30 22:46 - 2015-07-30 22:46 - 00040704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 22914032 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 17846768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 08528880 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 06512112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 04371872 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 04368288 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 04024368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 03797960 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2015-07-30 22:45 - 2015-07-30 22:45 - 02508272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe 2015-07-30 22:45 
- 2015-07-30 22:45 - 02035696 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01994224 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01793008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01766896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 01468976 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00969120 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00865328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00678896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00659504 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00632816 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00616496 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00555424 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00554912 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00540064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00443296 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00409504 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00408992 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00393632 _____ (Intel Corporation) 
C:\WINDOWS\system32\igfxTray.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00392688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00385520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00374256 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00357936 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00329200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00328608 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00295408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00290208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00285168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00264176 _____ C:\WINDOWS\system32\igfxCPL.cpl 2015-07-30 22:45 - 2015-07-30 22:45 - 00261104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00256928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00232944 _____ C:\WINDOWS\system32\igdde64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00228848 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00223792 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00204192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00194544 _____ C:\WINDOWS\SysWOW64\igdde32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00193520 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00191984 _____ (Intel Corporation) 
C:\WINDOWS\system32\igfxCoIn_v4252.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00191024 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00170992 _____ C:\WINDOWS\system32\igdail64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00164256 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2015-07-30 22:45 - 2015-07-30 22:45 - 00163824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00152560 _____ C:\WINDOWS\SysWOW64\igdail32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00141872 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00107568 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00102896 _____ C:\WINDOWS\system32\IccLibDll_x64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00095216 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00078320 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00072688 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00069104 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00068080 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00039408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00019440 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00018928 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2015-07-30 22:45 - 2015-07-30 22:45 - 00013808 _____ ( 
) C:\WINDOWS\system32\igfxLHMLib.dll 2015-07-28 11:28 - 2015-07-28 11:28 - 00100776 _____ (ASUS Corporation) C:\WINDOWS\system32\Drivers\AsusTP.sys 2015-07-20 22:20 - 2015-08-14 17:49 - 00000000 ____D C:\Program Files (x86)\Hippsoft 2015-07-20 22:20 - 2010-11-04 22:55 - 00659264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00415552 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\COMCT332.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00258880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFLXGRD.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00221504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTL32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00218432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RICHTX32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00155984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMDLG32.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00127808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX 2015-07-20 22:20 - 2010-11-04 22:55 - 00125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCC2DE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemdisp.tlb 2015-07-20 22:20 - 2010-11-04 22:55 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FLXGDDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RCHTXDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00028672 _____ (Microsoft Corporation ) C:\WINDOWS\SysWOW64\CMCT3DE.DLL 2015-07-20 
22:20 - 2010-11-04 22:55 - 00024626 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrnde.dll 2015-07-20 22:20 - 2010-11-04 22:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TABCTDE.DLL 2015-07-20 22:20 - 2010-11-04 22:55 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WINSKDE.DLL 2015-07-20 22:19 - 2015-07-20 22:19 - 04047094 _____ C:\Users\Kris\Downloads\hswebcam_1.09.zip 2015-07-20 22:18 - 2015-07-20 22:18 - 01259808 _____ C:\Users\Kris\Downloads\hsWebCam - CHIP-Installer.exe 2015-07-19 13:03 - 2015-08-07 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-07-19 13:03 - 2015-07-19 13:03 - 00001767 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-07-19 13:02 - 2015-07-19 13:03 - 00000000 ____D C:\Program Files\iTunes 2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files\iPod 2015-07-19 13:02 - 2015-07-19 13:02 - 00000000 ____D C:\Program Files (x86)\iTunes |
18.08.2015, 00:16 | #14 |
| Win 10 system.exe causes high memory usage + adware problem FRST 2 Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-18 01:08 - 2015-05-09 01:57 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-18 01:08 - 2014-05-18 19:08 - 00000000 ____D C:\FRST 2015-08-18 01:06 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-08-18 00:51 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-08-18 00:41 - 2012-10-26 22:08 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-18 00:32 - 2012-10-27 11:36 - 00000000 ____D C:\Users\Kris\AppData\Local\Spotify 2015-08-18 00:32 - 2012-10-27 11:35 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Spotify 2015-08-18 00:18 - 2015-06-20 14:08 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA.job 2015-08-17 23:36 - 2015-05-30 13:10 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002.job 2015-08-17 22:42 - 2012-10-26 22:08 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-17 22:36 - 2015-04-19 17:15 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-08-17 21:52 - 2013-12-28 00:42 - 00004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B59720AA-39DF-4F4D-BE50-D6B932891593} 2015-08-17 08:18 - 2015-06-20 14:07 - 00001186 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core.job 2015-08-16 16:12 - 2015-03-29 15:02 - 00000000 ___RD C:\Users\Kris\Dropbox 2015-08-16 16:11 - 2015-03-29 14:59 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Dropbox 2015-08-16 16:09 - 2015-07-07 11:05 - 00000000 ___RD C:\Users\Kris\iCloudDrive 2015-08-16 16:07 - 2014-09-12 16:27 - 00000422 _____ C:\WINDOWS\Tasks\simplitec Service Provider.job 2015-08-16 16:06 - 2015-07-10 14:21 - 00000006 
____H C:\WINDOWS\Tasks\SA.DAT 2015-08-16 16:05 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-08-16 16:02 - 2012-08-17 02:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2015-08-16 14:16 - 2014-03-10 21:10 - 00000000 ____D C:\AdwCleaner 2015-08-16 14:10 - 2013-05-11 21:33 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Skype 2015-08-16 13:53 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-08-15 12:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-08-14 18:52 - 2012-10-13 11:50 - 00000000 ____D C:\WINDOWS\ASUSProductDemoMovie 2015-08-14 17:52 - 2014-08-14 13:43 - 00000000 ____D C:\ProgramData\Package Cache 2015-08-14 11:55 - 2015-04-19 17:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-08-14 11:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-08-13 21:46 - 2015-07-10 14:20 - 00020861 _____ C:\WINDOWS\setupact.log 2015-08-13 14:22 - 2012-10-26 22:10 - 00002330 _____ C:\Users\Kris\Desktop\Google Chrome.lnk 2015-08-13 14:19 - 2015-07-10 14:20 - 00460216 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-13 14:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-08-13 14:05 - 2014-04-08 21:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-08-12 23:28 - 2015-05-30 13:10 - 00003824 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 
23:28 - 2015-05-09 01:57 - 00003728 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-12 17:30 - 2014-04-08 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-08-12 17:30 - 2012-11-06 21:10 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-08-12 17:29 - 2013-08-14 16:03 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-08-12 17:18 - 2012-12-13 18:02 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-11 21:19 - 2015-03-03 20:32 - 00000000 ____D C:\ProgramData\Oracle 2015-08-11 21:18 - 2013-06-29 19:42 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-11 21:17 - 2012-10-28 15:20 - 00321632 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00206432 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-08-11 21:17 - 2012-10-28 15:20 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-08-11 21:17 - 2012-10-28 15:20 - 00000000 ____D C:\Program Files\Java 2015-08-11 21:16 - 2014-01-21 17:29 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-10 14:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat 2015-08-09 04:00 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Telegram Win (Unofficial) 2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-08 14:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-08-08 14:15 - 2012-10-13 11:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2015-08-08 12:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\restore 2015-08-08 12:03 - 
2015-07-10 18:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat 2015-08-08 12:03 - 2015-07-10 18:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat 2015-08-08 11:51 - 2012-10-27 04:44 - 00000000 ____D C:\Users\Kris\AppData\Local\Packages 2015-08-08 10:44 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-08-08 10:42 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog 2015-08-08 10:41 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView 2015-08-08 10:26 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2015-08-08 04:15 - 2012-10-13 11:40 - 00000000 ____D C:\Program Files\DIFX 2015-08-08 03:03 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT 2015-08-08 03:03 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default 2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagwrn.xml 2015-08-08 02:57 - 2013-11-27 18:14 - 00059058 _____ C:\WINDOWS\diagerr.xml 2015-08-08 02:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration 2015-08-08 01:44 - 2013-11-27 18:39 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2015-08-08 01:43 - 2014-02-21 20:07 - 00003204 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:42 - 2014-05-11 13:57 - 00003316 _____ C:\WINDOWS\System32\Tasks\{4F236E2E-E3E7-4127-B77B-21F7F0B81AE2} 2015-08-08 01:42 - 2013-07-20 21:50 - 00003224 _____ C:\WINDOWS\System32\Tasks\{0E97361A-FDEE-49EC-90E5-8F380571B6BA} 2015-08-08 01:42 - 2013-05-01 01:22 - 00003208 _____ C:\WINDOWS\System32\Tasks\{BF8034A5-5417-4372-B7B4-0A6F3B7AD8CE} 2015-08-08 01:42 - 2012-10-27 04:53 - 00003710 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2324392281-2098655948-2250387561-1002 2015-08-08 01:41 - 2015-06-20 14:08 - 00004292 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002UA 2015-08-08 01:41 - 2015-06-20 14:07 - 00003912 _____ 
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2324392281-2098655948-2250387561-1002Core
2015-08-08 01:41 - 2014-09-12 16:27 - 00002894 _____ C:\WINDOWS\System32\Tasks\simplitec Service Provider
2015-08-08 01:41 - 2013-12-17 00:03 - 00001714 _____ C:\WINDOWS\System32\Tasks\Amazon Music Helper
2015-08-08 01:41 - 2012-11-10 13:10 - 00003652 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2015-08-08 01:41 - 2012-10-26 22:08 - 00004218 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-08 01:41 - 2012-10-26 22:08 - 00003982 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-08 01:41 - 2012-10-13 11:47 - 00003222 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update
2015-08-07 23:23 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-07 21:56 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-07 21:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-08-07 21:53 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-08-07 21:22 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-07 21:22 - 2015-07-10 11:05 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-07 21:22 - 2015-07-07 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-07 21:22 - 2015-05-09 01:58 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2015-08-07 21:22 - 2015-05-07 22:25 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inquisit 4 Web Player
2015-08-07 21:22 - 2015-04-20 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-08-07 21:22 - 2015-04-19 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 21:22 - 2015-03-23 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-08-07 21:22 - 2014-11-19 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ekahau
2015-08-07 21:22 - 2014-11-19 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2015-08-07 21:22 - 2014-09-26 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 16:15 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Helden-Software
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 21:22 - 2014-09-09 12:15 - 00000000 ____D C:\WINDOWS\de
2015-08-07 21:22 - 2014-05-11 14:28 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-07 21:22 - 2014-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scanned Text Editor 1.0
2015-08-07 21:22 - 2014-03-25 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 21:22 - 2014-03-08 23:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 21:22 - 2014-02-21 23:26 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial)
2015-08-07 21:22 - 2014-01-21 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-07 21:22 - 2013-05-29 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-07 21:22 - 2013-02-15 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-08-07 21:22 - 2012-11-21 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2015-08-07 21:22 - 2012-11-06 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 21:22 - 2012-10-31 05:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 21:22 - 2012-10-29 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series
2015-08-07 21:22 - 2012-10-28 15:05 - 00000000 ____D C:\Users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-07 21:22 - 2012-10-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-07 21:22 - 2012-10-26 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
2015-08-07 21:22 - 2012-10-26 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 21:22 - 2012-08-17 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-07 21:19 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-07 21:19 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-08-07 21:14 - 2015-07-10 18:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-07 21:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-08-07 21:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-08-07 21:14 - 2013-02-15 15:47 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-07 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-07 21:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2015-08-07 21:12 - 2012-10-29 12:01 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-08-07 21:11 - 2015-07-10 15:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\IME
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-07 21:11 - 2014-09-12 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-07 21:11 - 2014-05-06 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-08-07 21:11 - 2013-10-23 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-08-07 21:11 - 2013-08-23 00:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-08-07 21:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-08-07 21:11 - 2013-03-18 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
2015-08-07 21:11 - 2012-12-09 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-07 21:11 - 2012-11-25 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2015-08-07 21:11 - 2012-10-26 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-07 21:11 - 2012-10-13 11:50 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2015-08-07 21:11 - 2012-08-02 15:28 - 00000000 ____D C:\ProgramData\PRICache
2015-08-07 21:10 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-07 21:09 - 2013-02-27 07:58 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2015-08-07 21:06 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-08-07 21:04 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-08-07 20:36 - 2014-09-13 17:04 - 01149954 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-08-07 20:28 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-07 13:40 - 2013-06-22 14:54 - 00000000 ____D C:\Users\Kris\Desktop\Dateien
2015-08-07 13:33 - 2012-10-26 22:52 - 00000000 ___DO C:\Users\Kris\OneDrive
2015-08-03 12:33 - 2013-06-21 13:43 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-08-03 12:33 - 2013-06-21 13:43 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-20 22:26 - 2012-07-26 07:26 - 00000402 _____ C:\WINDOWS\win.ini
2015-07-19 13:02 - 2015-03-23 13:01 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-19 09:44 - 2013-01-19 09:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2013-06-22 14:52 - 2013-06-22 14:52 - 0000068 _____ () C:\Users\Kris\AppData\Roaming\mbam.context.scan
2015-08-16 16:08 - 2015-08-16 16:09 - 0000401 _____ () C:\Users\Kris\AppData\Roaming\sp_data.sys
2013-12-19 01:19 - 2014-03-09 01:19 - 0000205 _____ () C:\Users\Kris\AppData\Roaming\WB.CFG
2014-11-19 20:28 - 2014-11-19 20:28 - 0000037 ___SH () C:\Users\Kris\AppData\Local\70149b02515b3bb20dd492.47983420
2013-03-18 01:21 - 2013-03-18 01:21 - 0001470 _____ () C:\Users\Kris\AppData\Local\RecConfig.xml
2015-08-07 21:03 - 2015-08-07 21:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-22 18:19 - 2015-06-20 17:08 - 0000263 _____ () C:\ProgramData\fontcacheev1.dat
2012-11-21 19:50 - 2012-11-21 19:50 - 0000105 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2012-10-26 22:07 - 2012-10-26 22:09 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-10-26 22:06 - 2012-10-26 22:07 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\fontcacheev1.dat

Einige Dateien in TEMP:
====================
C:\Users\Kris\AppData\Local\Temp\avgnt.exe
C:\Users\Kris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxjpwk4.dll
C:\Users\Kris\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Kris\AppData\Local\Temp\Quarantine.exe
C:\Users\Kris\AppData\Local\Temp\sqlite3.dll
C:\Users\Kris\AppData\Local\Temp\ytb.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-07 20:58

==================== Ende von Ergebnis ============================ |
18.08.2015, 18:44 | #15 |
/// the machine /// TB Trainer | Win 10 system.exe causes high memory usage + adware problem
In which browser? Or in several?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate | Guides and help | Trojaner-Board Facebook page
No help via PM! |