Pests of all kinds and how to fight them: PC hacked and screenshots sent via Facebook | Windows 7
28.04.2016, 16:31 | #1 |
| PC hacked and screenshots sent via Facebook

Hello everyone, this is my first post here in the forum and I hope I have landed in the right thread. Now to my problem. For some time now my mouse has occasionally taken on a life of its own, in the sense that it does not move in the direction I steer it but flickers back and forth. However, the problem usually disappeared again after a very short time (approx. 10-15 sec), which is why I always just assumed a hardware fault and did not really take it seriously. For about 3 days our Wi-Fi has been extremely slow, especially in the evenings, so that we cannot even watch videos on YouTube any more. During the day this is not the case.

The key event, however, happened yesterday evening. At first I was chatting with a friend on Facebook about a Facebook video he had sent me earlier. In the course of the conversation, my friend was sent, from my account, a picture, or rather a screenshot of my computer, which shows me on a porn site in the browser. The screenshot was taken about 4 hours before our Facebook conversation and was then sent to him on Facebook by a stranger, but via my account. I immediately changed my Facebook and e-mail passwords and had myself logged out of all devices on Facebook.

For now I have run Avira as a 'Full Scan', which produced 5 detections, one of which cannot be deleted and is still there after another scan run: PUA/SearchProtect.191901. I also ran AdwCleaner and afterwards deleted all detections.

Now my greatest fear is that someone has hacked into my PC, has full access to it and, given the screenshots, can even see live what I am currently doing on the laptop. Since he forwarded this 'embarrassing' screenshot via Facebook, I fear that this is not a Trojan or something similar, but that the person monitored my internet traffic live and deliberately forwarded the picture in order to harm me. How should I best proceed?

Kind regards and thanks in advance, CaptainM |
29.04.2016, 10:39 | #2 | |
/// Malwareteam | PC hacked and screenshots sent via Facebook

My name is Rafael and I will help you with the cleanup. So that I can help you in the best possible way, please follow these rules:
Quote:
Step 1: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2: Please download TDSSKiller.exe and save this file to the desktop
__________________ |
29.04.2016, 13:22 | #3 |
| PC hacked and screenshots sent via Facebook

Hello Rafael,
thank you in advance for your help. Here is the Avira log file first: Code:
Free Antivirus
Report file date: Donnerstag, 28. April 2016 12:12

The program is running as an unrestricted full version.
Online services are available.

Licensee : Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 10 Home
Windows version : (plain) [10.0.10586]
Boot mode : Normally booted
Username : UNI
Computer name : LENOVO-PC

Engine version : 8.3.38.38

Configuration settings for the scan:
Jobname.............................: Full scan
Configuration file..................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Skipped files.......................:

Start of the scan: Donnerstag, 28. April 2016 12:12

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
    [INFO] No virus was found!

Starting search for hidden objects.
Error in ARK library

Starting to scan executable files (registry):
The registry was scanned ( '1857' files ).

Starting the file scan:

Begin scan in 'C:\' <Windows8_OS>
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
    [DETECTION] Contains patterns of software PUA/SearchProtect.Gen
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
    [0] Archive type: NSIS
    --> AV00028107.AV$
        [1] Archive type: NSIS
        --> Object
            [DETECTION] Contains patterns of software PUA/SearchProtect.191901
            [WARNING] Infected files in archives cannot be repaired
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity.zip
    [0] Archive type: ZIP
    --> Crack/VDJ8ProInf_KeyGen.exe
        [1] Archive type: NSIS
        --> ProgramFilesDir/BASSMOD.dll
            [2] Archive type: Runtime Packed
            --> Object
                [DETECTION] Is the TR/Agent.975271 Trojan
                [WARNING] Infected files in archives cannot be repaired
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity\Crack\VDJ8ProInf_KeyGen.exe
    [DETECTION] Is the TR/Agent.975271 Trojan
C:\Users\UNI\Downloads\flstudio_11.1.1.exe
    [0] Archive type: NSIS
    --> [PluginsDir]/OCSetupHlp.dll
        [DETECTION] Contains patterns of software PUA/OpenCandy.Gen
        [WARNING] Infected files in archives cannot be repaired
Begin scan in 'D:\' <LENOVO>

Beginning disinfection:
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
[WARN] GetSHA256: SHA - Cannot open the file: \\?\C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
C:\Users\UNI\Downloads\flstudio_11.1.1.exe
    [DETECTION] Contains patterns of software PUA/OpenCandy.Gen
    [NOTE] The file was moved to the quarantine directory under the name '7dc39f21.qua'!
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity\Crack\VDJ8ProInf_KeyGen.exe
    [DETECTION] Is the TR/Agent.975271 Trojan
    [NOTE] The file was moved to the quarantine directory under the name '38beb272.qua'!
C:\Users\UNI\Desktop\Virual DJ\Schritt 1\AtomixVirtualDJProInfinity.zip
    [DETECTION] Is the TR/Agent.975271 Trojan
    [NOTE] The file was moved to the quarantine directory under the name '47588062.qua'!
C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe
    [DETECTION] Contains patterns of software PUA/SearchProtect.191901
    [WARNING] The file could not be copied to quarantine!
    [WARNING] Error in ARK library
    [NOTE] The file is scheduled for deleting after reboot.
    [NOTE] It is recommended to restart your computer in order to finish the repair.
C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll
    [DETECTION] Contains patterns of software PUA/SearchProtect.Gen
    [WARNING] The file could not be copied to quarantine!
    [WARNING] Error in ARK library
    [NOTE] The file is scheduled for deleting after reboot.
    [NOTE] It is recommended to restart your computer in order to finish the repair.

End of the scan: Donnerstag, 28. April 2016 14:52
Used time: 2:30:36 Hour(s)

The scan has been done completely.

  85860 Scanned directories
1788641 Files were scanned
      5 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      3 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
1788636 Files not concerned
  12686 Archives were scanned
      5 Warnings
      5 Notes

The repair notes were written to the file 'C:\avrescue\rescue.avp'. |
29.04.2016, 13:24 | #4 |
| PC hacked and screenshots sent via Facebook

I have followed all the steps of your instructions, and here is the FRST.text file first: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
durchgeführt von UNI (Administrator) auf LENOVO-PC (29-04-2016 13:27:40)
Gestartet von C:\Users\UNI\Desktop
Geladene Profile: UpdatusUser & UNI (Verfügbare Profile: UpdatusUser & UNI & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-02-13] (Check Point Software Technologies Ltd.) HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) 
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation) 
FireFox: ======== FF ProfilePath: C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) 
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14] FF Extension: Ghostery - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30] FF Extension: Adblock Plus - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27] Chrome: ======= CHR HomePage: Default -> hxxps://startpage.com/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Profile: C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07] CHR Extension: (Google Docs) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Agar.io Mods) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-24] CHR Extension: (Google-Suche) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07] CHR Extension: (Avira Browserschutz) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12] CHR Extension: (Google Docs 
Offline) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18] CHR Extension: (Java for Web Pages) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28] CHR Extension: (Ghostery) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Google Mail) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. 
KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) 
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835664 2016-03-31] (Valve Corporation) [Datei ist nicht signiert] R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3742464 2016-02-13] (Check Point Software Technologies Ltd.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2015-11-22] (Check Point Software Technologies, Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-11] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-11] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-11] (Avira Operations GmbH & Co. 
KG) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-12-01] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-12-01] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [172920 2015-12-01] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-01] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [919416 2015-12-01] (AO Kaspersky Lab) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation ) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461792 2016-02-13] (Check Point Software Technologies Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-29 13:27 - 2016-04-29 13:28 - 00023794 _____ C:\Users\UNI\Desktop\FRST.txt 2016-04-29 13:27 - 2016-04-29 13:27 - 00000000 ____D C:\FRST 2016-04-29 13:26 - 2016-04-29 13:06 - 02376704 _____ (Farbar) C:\Users\UNI\Desktop\FRST64.exe 2016-04-28 20:47 - 2016-04-29 13:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla 2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla 2016-04-28 17:15 - 2016-04-28 17:15 - 00000000 ____D C:\Program Files\Common Files\AV 2016-04-28 17:01 - 2016-04-28 17:01 - 00431382 _____ C:\WINDOWS\system32\Drivers\vsconfig.xml 2016-04-28 17:01 - 2015-12-01 06:46 - 00478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2016-04-28 17:01 - 2015-12-01 06:46 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2016-04-28 17:00 - 2016-04-28 17:00 - 00000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk 2016-04-28 17:00 - 2016-04-28 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point 2016-04-28 16:54 - 2016-04-28 17:00 - 00000000 ____D C:\Program Files (x86)\CheckPoint 2016-04-28 16:54 - 2016-04-28 16:54 - 00000000 ____D C:\ProgramData\CheckPoint 2016-04-28 16:51 - 2016-04-28 16:54 - 03412200 _____ (Check Point Software Technologies Ltd.) 
C:\Users\Administrator\Downloads\zaSetupWeb_141_048_000.exe 2016-04-28 16:29 - 2016-04-28 16:35 - 222776824 _____ (COMODO) C:\Users\Administrator\Downloads\cfw5005_installer_6106_53.exe 2016-04-28 16:17 - 2016-04-28 16:17 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Avira 2016-04-28 16:16 - 2016-04-28 18:34 - 00000000 ____D C:\ProgramData\SecTaskMan 2016-04-28 16:15 - 2016-04-28 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2016-04-28 16:13 - 2016-04-28 16:13 - 00002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ___RD C:\Users\Administrator\OneDrive 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync 2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hightail for Lenovo 2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers 2016-04-28 16:10 - 2016-04-28 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles 2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2016-04-28 16:09 - 2016-04-28 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2016-04-28 16:09 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator 2016-04-28 16:09 - 2016-04-28 16:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL 
C:\Users\Administrator\Lokale Einstellungen 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer 2016-04-28 16:09 - 2016-04-11 15:57 - 00000000 ____D C:\Users\Administrator\Documents\Visual Studio 2010 2016-04-28 16:09 - 2014-09-18 00:34 - 00000187 _____ C:\Users\Administrator\Desktop\Google Play Music.url 2016-04-28 16:09 - 2014-09-18 00:32 - 00000126 _____ C:\Users\Administrator\Desktop\Adobe Photo Offer.url 2016-04-28 16:09 - 2014-03-26 12:21 - 00000190 _____ C:\Users\Administrator\Desktop\FREE CALLS with Voxox.url 2016-04-28 15:56 - 2016-04-28 15:56 - 03394856 _____ (Check Point Software Technologies Ltd.) 
C:\Users\UNI\Desktop\zasetupweb_132_015_000.exe 2016-04-28 15:27 - 2016-04-28 15:33 - 222776824 _____ (COMODO) C:\Users\UNI\Desktop\cfw_installer_6106_53.exe 2016-04-28 12:57 - 2016-04-28 22:10 - 00000000 ____D C:\AdwCleaner 2016-04-28 12:56 - 2016-04-28 12:57 - 03581504 _____ C:\Users\UNI\Desktop\AdwCleaner.exe 2016-04-28 12:21 - 2016-04-28 12:21 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk 2016-04-28 12:21 - 2016-04-28 12:21 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk 2016-04-28 12:21 - 2016-04-28 12:21 - 00001219 _____ C:\Users\Public\Desktop\Security Task Manager.lnk 2016-04-28 12:21 - 2016-04-28 12:21 - 00000000 ____D C:\Program Files (x86)\Security Task Manager 2016-04-27 18:57 - 2016-04-28 14:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-25 00:02 - 2016-04-25 00:02 - 00000979 _____ C:\Users\Public\Desktop\DS3 Tool.lnk 2016-04-25 00:02 - 2016-04-25 00:02 - 00000000 ____D C:\Users\UNI\Desktop\MotioninJoy_071001_signed 2016-04-24 23:59 - 2016-04-25 00:01 - 04117346 _____ C:\Users\UNI\Desktop\MotioninJoy_071001_signed.zip 2016-04-24 18:34 - 2016-04-24 18:39 - 00000000 ____D C:\Users\UNI\Desktop\LRG CD 2016-04-24 14:51 - 2016-04-24 14:51 - 00000000 ____D C:\Users\UNI\Desktop\LRG-Playlist 2016-04-14 00:08 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-14 00:08 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-04-14 00:08 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-04-14 00:08 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-04-14 00:08 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-04-14 00:08 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-04-14 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 
_____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-04-11 12:43 - 2016-04-11 12:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-04-11 12:41 - 2016-04-11 12:41 - 
00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\MSBuild 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-04-11 12:41 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-04-11 12:40 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-04-11 12:40 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-04-11 12:40 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-04-11 12:39 - 2016-04-11 12:39 - 
01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-04-11 12:39 - 2016-04-11 12:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-04-11 12:38 - 2016-04-11 12:38 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-04-11 12:31 - 2016-04-29 13:25 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-11 12:28 - 2016-04-11 12:28 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini 2016-04-11 12:21 - 2016-04-11 12:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-11 12:12 - 2016-04-11 12:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-04-11 12:11 - 2016-04-29 12:53 - 00000000 ____D C:\Users\UNI 2016-04-11 12:11 - 2016-04-29 12:52 - 00000000 ____D C:\Users\UpdatusUser 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 
12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Vorlagen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Startmenü 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Netzwerkumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Lokale Einstellungen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Eigene Dateien 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Druckumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Videos 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Musik 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Bilder 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Verlauf 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Anwendungsdaten 2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\ProgramData\Conexant 2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\CONEXANT 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\Program Files\Elantech 2016-04-11 12:08 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-04-11 12:08 - 2015-07-23 03:10 
- 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-04-11 12:08 - 2015-07-23 03:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-04-11 12:08 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-04-11 12:07 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-04-11 12:07 - 2016-04-11 12:07 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-04-11 12:07 - 2016-04-11 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-04-11 12:07 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-04-11 12:07 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-04-11 12:06 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\Intel 2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagwrn.xml 2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagerr.xml 2016-04-01 17:42 - 2016-04-01 17:42 - 00734784 _____ (Oracle Corporation) C:\Users\UNI\Downloads\jxpiinstall(4).exe 2016-03-30 18:56 - 2016-03-30 18:56 - 00088372 _____ C:\Users\UNI\Desktop\Studienbescheinigung_334281_30.03.2016.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-29 13:25 - 2016-02-13 18:59 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat 2016-04-29 13:25 - 2016-02-13 18:59 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat 2016-04-29 13:25 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-29 13:22 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-28 17:01 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-04-28 16:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-28 16:10 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-04-28 16:08 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-04-28 14:52 - 2015-03-10 01:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-28 14:14 - 2015-02-07 22:59 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job 2016-04-28 12:31 - 2015-02-07 22:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4DEE2A-E881-46E0-B4B0-079D45A23913} 2016-04-28 12:09 - 2015-02-07 22:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-27 23:21 - 2015-02-08 22:27 - 00000000 ____D C:\Users\UNI\AppData\Local\Spotify 2016-04-27 23:18 - 2015-02-08 22:21 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Spotify 2016-04-27 01:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-25 02:33 - 2015-02-07 20:41 - 00000000 __RDO C:\Users\UNI\OneDrive 2016-04-25 01:48 - 2015-02-07 23:53 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\Program Files\MotioninJoy 2016-04-22 01:20 - 2015-02-17 18:24 - 00000000 ____D C:\Users\UNI\AppData\Roaming\vlc 2016-04-21 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-04-18 15:37 - 2015-08-31 17:17 - 00001218 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-04-18 15:37 
- 2015-02-07 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-18 15:37 - 2014-09-17 23:56 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-18 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-18 13:25 - 2016-02-13 10:21 - 00245472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-04-14 12:44 - 2015-02-09 23:56 - 00000000 ____D C:\Users\UNI\AppData\Local\Adobe 2016-04-14 00:17 - 2015-02-09 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-14 00:11 - 2015-02-09 02:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 14:41 - 2015-02-07 20:39 - 00000000 ____D C:\Users\UNI\AppData\Local\Packages 2016-04-12 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat 2016-04-11 22:04 - 2015-02-07 23:00 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-11 22:04 - 2015-02-07 23:00 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-11 16:07 - 2015-04-20 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2016-04-11 15:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-04-11 13:31 - 2014-09-17 23:44 - 00000000 ___HD C:\Intel 2016-04-11 13:02 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-04-11 12:58 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D 
C:\WINDOWS\system32\SystemResetPlatform 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-04-11 12:54 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 2016-04-11 12:50 - 2015-10-30 09:24 - 
00000000 ____D C:\WINDOWS\system32\migwiz 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-04-11 12:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT 2016-04-11 12:41 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2016-04-11 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-04-11 12:40 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2016-04-11 12:40 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\dpnhupnp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2016-04-11 12:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration 2016-04-11 12:37 - 2015-03-08 15:05 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-04-11 12:37 - 2015-02-07 22:59 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b 2016-04-11 12:37 - 2015-02-07 22:59 - 00003498 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-04-11 12:37 - 2015-02-07 22:59 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-04-11 12:37 - 2015-02-07 20:44 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-1002 2016-04-11 12:37 - 2014-09-18 00:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task 2016-04-11 12:37 - 2014-09-17 23:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-500 2016-04-11 12:32 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries 2016-04-11 12:31 - 2014-09-17 23:53 - 01799166 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2016-04-11 12:21 - 2016-03-12 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\MixMeister 2016-04-11 12:21 - 2015-09-25 16:48 - 00000000 ____D C:\WINDOWS\de 2016-04-11 12:21 - 2015-09-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-04-11 12:21 - 2015-09-04 22:09 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2016-04-11 12:21 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 18 2016-04-11 12:21 - 2015-08-05 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-04-11 12:21 - 2015-06-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2016-04-11 12:21 - 2015-04-23 15:49 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2016-04-11 12:21 - 2015-04-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dymola 2013 2016-04-11 12:21 - 2015-03-24 16:23 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2016-04-11 12:21 - 2015-03-24 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-04-11 12:21 - 2015-03-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-04-11 12:21 - 2015-02-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-11 12:21 - 2015-02-25 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2016-04-11 12:21 - 2015-02-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-04-11 12:21 - 2015-02-08 00:14 - 00000000 ____D C:\Program Files\Classic Shell 2016-04-11 12:21 - 2015-02-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-04-11 12:21 - 2014-09-18 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10 2016-04-11 12:21 - 
2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-04-11 12:21 - 2014-09-18 00:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory 2016-04-11 12:21 - 2014-09-18 00:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus 2016-04-11 12:21 - 2014-09-17 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-04-11 12:21 - 2014-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-04-11 12:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-04-11 12:14 - 2016-01-16 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod 2016-04-11 12:14 - 
2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2016-04-11 12:13 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 2016-04-11 12:13 - 2015-09-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules 2016-04-11 12:13 - 2015-06-14 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Lenovo 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files\lenovo 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-04-11 12:13 - 2014-09-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail 2016-04-11 12:13 - 2014-09-17 23:52 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-04-11 12:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-04-11 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help 2016-04-11 11:30 - 2014-09-18 00:41 - 00012800 _____ C:\WINDOWS\system32\VfService.trf 2016-04-11 11:23 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT 2016-04-09 13:13 - 2015-02-08 00:16 - 00000000 ____D C:\Users\UNI\AppData\Roaming\ClassicShell 2016-04-08 19:47 - 2015-05-04 01:12 - 00000000 ____D C:\Users\UNI\AppData\Local\ElevatedDiagnostics 2016-04-07 16:15 - 2015-02-10 17:32 - 02406400 ___SH C:\Users\UNI\Desktop\Thumbs.db 2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 19:02 - 2015-02-08 00:52 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Skype 2016-04-01 17:45 - 2015-02-28 20:00 - 00000000 ____D C:\ProgramData\Oracle 2016-04-01 17:44 - 2015-12-23 01:40 - 00097856 _____ (Oracle Corporation) 
C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-04-01 17:44 - 2015-11-02 01:22 - 00000000 ____D C:\Users\UNI\.oracle_jre_usage 2016-04-01 17:44 - 2015-02-28 20:01 - 00000000 ____D C:\Program Files (x86)\Java ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-07 20:39 - 2016-04-11 11:23 - 0884004 _____ () C:\Users\UNI\AppData\Local\BTServer.log 2015-02-10 02:35 - 2015-06-24 23:24 - 0007601 _____ () C:\Users\UNI\AppData\Local\Resmon.ResmonCfg 2015-06-02 13:25 - 2015-06-02 13:25 - 0000000 _____ () C:\Users\UNI\AppData\Local\{497248A6-D5F2-4EBD-9352-1C7DA4C66689} 2015-12-27 02:56 - 2015-12-27 02:56 - 0000085 ___SH () C:\ProgramData\.zreglib 2015-02-09 23:34 - 2015-02-09 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-04-11 12:08 - 2016-04-11 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe C:\Users\UNI\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-25 18:43 ==================== Ende von FRST.txt ============================ |
29.04.2016, 14:22 | #5 |
| PC hacked and screenshots sent via Facebook Here is the Addition.txt file: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016
durchgeführt von UNI (2016-04-29 13:29:16)
Gestartet von C:\Users\UNI\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled)
Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled)
UNI (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\UNI
UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant) CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation) DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) 
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation) HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) 
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) 
Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 
(HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft 
Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla) NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.) 
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Firewall (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 14.1.048.000 - Check Point) ZoneAlarm Security (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
"{013F2D37-EFCB-4D95-8235-64CCE74DC87F}" task wurde entsperrt. <===== ACHTUNG
"{01C7C80F-DA6A-4698-BA70-4DA27991C5A9}" task wurde entsperrt. <===== ACHTUNG
"{08629A58-75ED-46AA-8646-8C7015698215}" task wurde entsperrt. <===== ACHTUNG
"{0A493256-4ADB-4CF2-8AB5-8CCBEFDFC5FE}" task wurde entsperrt. <===== ACHTUNG
"{0B545118-B563-42FC-8D07-B78F602FCF34}" task wurde entsperrt. <===== ACHTUNG
"{0C20E8DB-DCF0-4C48-B9B9-482E02BD9F1F}" task wurde entsperrt. <===== ACHTUNG
"{0CFE2E40-6A97-48C5-9F38-DE82315CF1B0}" task wurde entsperrt. <===== ACHTUNG
Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG
"{11406457-2C26-401D-B271-B7393CAD7F85}" task wurde entsperrt. <===== ACHTUNG
"{181EF958-CF2C-45C1-BFE2-0048458E3EFC}" task wurde entsperrt. <===== ACHTUNG
"{1A289232-BCB9-4599-A894-898D820255F8}" task wurde entsperrt. <===== ACHTUNG
"{1A4230A2-E136-4936-9B22-DDF624BB8332}" task wurde entsperrt. <===== ACHTUNG
"{1A438DBA-6F47-44D6-8207-124A92E1597E}" task wurde entsperrt. <===== ACHTUNG
"{1A8A1750-6B60-430B-A914-E01C395D222E}" task wurde entsperrt. <===== ACHTUNG
Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
"{1F0B1B6D-6FB8-495E-8D1D-0B6BA27883EB}" task wurde entsperrt. <===== ACHTUNG
Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
"{216D44FB-2DD3-4478-8395-49C0E0D2D767}" task wurde entsperrt. <===== ACHTUNG
"{22DF95EE-A3BC-4A00-8468-0FF46BF970FC}" task wurde entsperrt. <===== ACHTUNG
"{2300B6D1-D409-499E-92DF-030662B73A6B}" task wurde entsperrt. <===== ACHTUNG
"{27A7ABEB-AF7C-40F4-BAD4-95630EB0C1FA}" task wurde entsperrt. <===== ACHTUNG
"{2B307AD0-33EA-4DB6-81B3-05FEADBE1140}" task wurde entsperrt. <===== ACHTUNG
"{2C389306-244A-4110-97CB-594D5A467287}" task wurde entsperrt. <===== ACHTUNG
"{2CCA2563-023C-4159-8011-59C6C9E1973A}" task wurde entsperrt. <===== ACHTUNG
Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation)
"{317107BF-13F6-48B4-AA5A-BA0B03A02F4B}" task wurde entsperrt. <===== ACHTUNG
"{33046BDC-2974-457F-A198-055760713D46}" task wurde entsperrt. <===== ACHTUNG
"{330DDC8E-A32D-4363-9C85-527F2673DDF7}" task wurde entsperrt. <===== ACHTUNG
"{352E6CA0-7314-4DF4-89C4-682368D80D57}" task wurde entsperrt. <===== ACHTUNG
"{3627755F-6629-4D94-850A-FBE43D28BEB8}" task wurde entsperrt. <===== ACHTUNG
"{37307B43-41DC-4BBE-BF3B-9B1631BEE311}" task wurde entsperrt. <===== ACHTUNG
"{3788B008-08AE-42A1-AECB-404EE0EFEAA5}" task wurde entsperrt. <===== ACHTUNG
"{4208A7BF-D622-476E-A1A3-F9EB2719ECD4}" task wurde entsperrt. <===== ACHTUNG
"{43744BF4-03F7-4B73-87FC-2BA232F6D655}" task wurde entsperrt. <===== ACHTUNG
"{44AF46C9-4AA6-4851-959E-023D755ED880}" task wurde entsperrt. <===== ACHTUNG
"{44EA678F-7E08-4531-92E2-587CA13B5D2C}" task wurde entsperrt. <===== ACHTUNG
"{45561755-0BB2-49DF-9B3C-3F0CEB4AB61E}" task wurde entsperrt. <===== ACHTUNG
"{45A1E736-EAAA-4735-ABBA-A9C5CF2BDAEF}" task wurde entsperrt. <===== ACHTUNG
"{48A98229-5C8E-4DDD-8139-CF35F7262A95}" task wurde entsperrt. <===== ACHTUNG
"{48E4EF46-2962-499E-B496-FD87DEFA9D4D}" task wurde entsperrt. <===== ACHTUNG
"{4A944005-EAD7-4E3D-A0CB-E36A03948234}" task wurde entsperrt. <===== ACHTUNG
"{4ADD02F8-8A80-4037-93AF-01F0D391A8D4}" task wurde entsperrt. <===== ACHTUNG
"{4BC5D02D-368A-405A-B471-F9CAB6666731}" task wurde entsperrt. <===== ACHTUNG
"{4C5A8A03-2384-464F-AEAA-F58928D854D8}" task wurde entsperrt. <===== ACHTUNG
"{4E3CB8C2-8A0C-4570-A32E-7319C6E8E432}" task wurde entsperrt. <===== ACHTUNG
"{4E4954A6-C22F-4537-87FE-9A696B7BF9C4}" task wurde entsperrt. <===== ACHTUNG
"{511CB694-F6BB-49BA-AC20-E2916B05BD90}" task wurde entsperrt. <===== ACHTUNG
"{52362630-34B3-46AA-8508-9857D8B13B4F}" task wurde entsperrt. <===== ACHTUNG
Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{5587F1DC-15D0-4331-A673-6EF75E5CD9C0}" task wurde entsperrt. <===== ACHTUNG
"{57ED60D2-6B0B-4069-90B4-50B067491212}" task wurde entsperrt. <===== ACHTUNG
"{59CBDFB9-8D90-4443-9AF8-5C3B45220F5E}" task wurde entsperrt. <===== ACHTUNG
"{59CE74C9-886F-4121-8052-508A4B829DC6}" task wurde entsperrt. <===== ACHTUNG
"{5A3FB241-0B11-4EA5-BC66-0D9F1B406040}" task wurde entsperrt. <===== ACHTUNG
"{5B4C02FF-5C7C-42FB-877E-4F57C6198A71}" task wurde entsperrt. <===== ACHTUNG
"{5E8CC375-A631-401B-A83D-65F729771F42}" task wurde entsperrt. <===== ACHTUNG
Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
"{61E97BCB-528E-4B3C-A43A-CDFC978E48E7}" task wurde entsperrt. <===== ACHTUNG
Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{62C6204C-B449-4C2C-B915-D8E513C8D2DC}" task wurde entsperrt. <===== ACHTUNG
"{64EFDCE4-067E-45AD-80B7-9ACADBA7145A}" task wurde entsperrt. <===== ACHTUNG
"{669B944E-926D-4382-AB83-710022AE3EA2}" task wurde entsperrt. <===== ACHTUNG
"{66FE0026-8E27-493D-BED2-EF4ACF50814C}" task wurde entsperrt. <===== ACHTUNG
"{679EB820-C80C-4B8C-81EB-D3B5A83C3BF3}" task wurde entsperrt. <===== ACHTUNG
"{687FB905-133F-462F-9C7E-6FD5DE83B91D}" task wurde entsperrt. <===== ACHTUNG
"{697E18DD-943C-470A-B9E3-6E5DDCB42D05}" task wurde entsperrt. <===== ACHTUNG
"{6B0D6754-588A-4B5C-95F7-7F39A9780F7E}" task wurde entsperrt. <===== ACHTUNG
"{6B696BCF-C866-41CA-B4E4-3D19FB1E9250}" task wurde entsperrt. <===== ACHTUNG
"{6BA02DD2-FC59-4F60-9427-42EA1A59DDE1}" task wurde entsperrt. <===== ACHTUNG
"{6CBA2464-1DAD-4F1D-919F-4E6DFC499277}" task wurde entsperrt. <===== ACHTUNG
"{6D88DE84-0813-4C51-99FC-12A9A98DD1D9}" task wurde entsperrt. <===== ACHTUNG
"{6DFCB649-0769-4F83-BB10-F60F235F6D3D}" task wurde entsperrt. <===== ACHTUNG
"{70CF17D8-ACB3-4DBF-B283-6A71C9BF3D0E}" task wurde entsperrt. <===== ACHTUNG
"{71E53243-3A2D-47EE-9DAB-6D71B2366657}" task wurde entsperrt. <===== ACHTUNG
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
"{73F84A2E-E267-44CD-AE43-26F5FADC07BC}" task wurde entsperrt. <===== ACHTUNG
"{7464E64D-F916-44C4-8B4D-8285C95325A1}" task wurde entsperrt. <===== ACHTUNG
"{7506EE3F-10D4-4FCF-9DDD-77B8FF1182D4}" task wurde entsperrt. <===== ACHTUNG
"{75336275-E3E0-4BC0-B373-3CFB8C1E4130}" task wurde entsperrt. <===== ACHTUNG
"{75EEC801-5298-41FE-BD51-F07E4178CA3E}" task wurde entsperrt. <===== ACHTUNG
"{7A6FA6EC-ED66-42B8-B9D7-06523FB6E039}" task wurde entsperrt. <===== ACHTUNG
"{7AE1BCAC-061D-4672-BACB-88BC74CE1D7A}" task wurde entsperrt. <===== ACHTUNG
"{7BC12C89-A012-46EA-B9EB-052EB5CD4326}" task wurde entsperrt. <===== ACHTUNG
"{7BD8F44E-530D-41CF-B1D0-B9BB0B0C1C73}" task wurde entsperrt. <===== ACHTUNG
"{7F64EAF9-FFE6-49DB-90DD-80D2B8774614}" task wurde entsperrt. <===== ACHTUNG
"{7FAF6FA5-8557-4C4D-9206-7460555EAB06}" task wurde entsperrt. <===== ACHTUNG
"{830038A6-9046-42E5-B03C-1455E6BDFBAF}" task wurde entsperrt. <===== ACHTUNG
"{84E4A8CF-CE13-47C4-ABC1-BC5DD42C6C83}" task wurde entsperrt. <===== ACHTUNG
"{860F596C-A1D8-4651-B747-D134041D80AD}" task wurde entsperrt. <===== ACHTUNG
"{872D0E53-FD2E-41E3-B431-698AF82882CE}" task wurde entsperrt. <===== ACHTUNG
"{8865CC07-3C24-475C-896D-8ABA96F2471A}" task wurde entsperrt. <===== ACHTUNG
Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
"{90D79106-3D12-40AF-A9BA-231F2327770C}" task wurde entsperrt. <===== ACHTUNG
"{94582C27-CA52-4593-9A48-A317C4D361E3}" task wurde entsperrt. <===== ACHTUNG
"{955E8D5B-0718-411A-9D8F-83454788272B}" task wurde entsperrt. <===== ACHTUNG
"{97601E9E-9C9C-415D-B81D-9F86ACA7CDC5}" task wurde entsperrt. <===== ACHTUNG
"{9979486C-F0A7-4AC7-8BC0-AE474A7EBE6C}" task wurde entsperrt. <===== ACHTUNG
Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
"{9A58602B-2D48-4E55-BA94-672A29521C76}" task wurde entsperrt. <===== ACHTUNG
"{9B3A6CD7-4CDE-4432-BE99-B316D2296C86}" task wurde entsperrt. <===== ACHTUNG
"{9C8E21C9-6AB1-4D66-8DF5-73AF5359B24E}" task wurde entsperrt. <===== ACHTUNG
"{9FFB29C5-38ED-47CB-B89B-EA84708EBA65}" task wurde entsperrt. <===== ACHTUNG
"{A483A62A-BEE2-43EF-B43D-C4B6555D6F1E}" task wurde entsperrt. <===== ACHTUNG
"{A4D1B478-9D9D-489F-98BF-846F21D1EA6C}" task wurde entsperrt. <===== ACHTUNG
"{A6D9FF76-0705-4B3D-9D8E-0BB183A7D3E9}" task wurde entsperrt. <===== ACHTUNG
Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
"{AE229047-6634-45F4-A0F4-6A9522659F2D}" task wurde entsperrt. <===== ACHTUNG
"{AF8621E4-DD0A-4E22-AEBD-D252114A7D89}" task wurde entsperrt. <===== ACHTUNG
"{AFD4A8A3-508B-4785-8271-CDEBAEED3F46}" task wurde entsperrt. <===== ACHTUNG
"{B3DD4C81-C4AC-4263-806F-E5B540C1B26A}" task wurde entsperrt. <===== ACHTUNG
"{B4A5B97B-E0F1-4984-ADA4-432088751E1B}" task wurde entsperrt. <===== ACHTUNG
Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
"{BA3388B9-C9D3-47A9-A9B5-E79B50DD0270}" task wurde entsperrt. <===== ACHTUNG
"{BB94B31D-4FE5-42FB-A144-A393F6C54A6F}" task wurde entsperrt. <===== ACHTUNG
"{BD62F7BB-7242-4904-A8A8-4E358ED75D6B}" task wurde entsperrt. <===== ACHTUNG
Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.)
"{BF589992-F6BB-4FFC-8766-FB138C7DE18D}" task wurde entsperrt. <===== ACHTUNG
"{C0A4DF9B-B00D-4626-8994-BF17C88860B0}" task wurde entsperrt. <===== ACHTUNG
"{C1E1F555-5EEC-4D6B-98FB-9934616F00E9}" task wurde entsperrt. <===== ACHTUNG
"{C349BB67-3672-4975-AE02-517BAD9318EE}" task wurde entsperrt. <===== ACHTUNG
"{C4AE3C3E-C327-4689-B6FD-C11FB31AE88B}" task wurde entsperrt. <===== ACHTUNG
"{C4E89737-E6D8-4D86-B15E-50A93654BBC1}" task wurde entsperrt. <===== ACHTUNG
Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
"{C7752DC6-148D-4AB0-93E1-D84AEB7AA014}" task wurde entsperrt. <===== ACHTUNG
"{C880A9A1-137C-495D-92AC-40CE8DF7E253}" task wurde entsperrt. <===== ACHTUNG
"{C881A742-1A15-4EAC-96B9-9C6EA38AC7FA}" task wurde entsperrt. <===== ACHTUNG
"{C8DB9D2B-AB0A-4D3F-8409-427C806748D6}" task wurde entsperrt. <===== ACHTUNG
"{CA1E905A-B064-48AF-9F06-68C7E71498B9}" task wurde entsperrt. <===== ACHTUNG
"{CA4BE44E-107E-4B2D-91AF-FC3B077B02FC}" task wurde entsperrt. <===== ACHTUNG
"{CC8236FF-A055-4083-A37E-D0F85E135DE3}" task wurde entsperrt. <===== ACHTUNG
"{CE2DE968-E342-40D7-9566-427D45E4A886}" task wurde entsperrt. <===== ACHTUNG
"{CFC77F13-E27C-4C44-8D9B-CB2163D27C89}" task wurde entsperrt. <===== ACHTUNG
"{D7F0F250-0978-4FFA-BA28-A14C0AB462FF}" task wurde entsperrt. <===== ACHTUNG
"{DAAFAEC3-BC03-44D7-A77D-05760FE578AD}" task wurde entsperrt. <===== ACHTUNG
"{DB458018-DEBA-4577-AB8B-EA1506110FB8}" task wurde entsperrt. <===== ACHTUNG
Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
"{DE9EF05D-D131-41FC-87C9-ABF449872934}" task wurde entsperrt. <===== ACHTUNG
"{E03596C8-B2A4-4553-B379-B678F0EBCA95}" task wurde entsperrt. <===== ACHTUNG
"{E15B0834-C96C-40E1-8995-12FE38D52648}" task wurde entsperrt. <===== ACHTUNG
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
"{E506F4C9-20BB-40AE-AD65-2304E5EF9B80}" task wurde entsperrt. <===== ACHTUNG
Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
"{E5217668-D921-4907-8CE1-276EABA44515}" task wurde entsperrt. <===== ACHTUNG
Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
"{E7D61507-58B7-44DC-8D1E-932F96FC2D62}" task wurde entsperrt. <===== ACHTUNG
"{EA5D5FA7-79F4-4BC8-8C91-CA1A24F86527}" task wurde entsperrt. <===== ACHTUNG
"{EC59CC4E-A8CB-476D-8421-92558446E9A3}" task wurde entsperrt. <===== ACHTUNG
"{EF3EC7C4-1CB5-43F1-A074-D1D74BB07D7A}" task wurde entsperrt. <===== ACHTUNG
"{EFB2C913-BFA0-4FB9-8130-48BEE6BD1B12}" task wurde entsperrt. <===== ACHTUNG
"{F120A436-C215-4927-87AA-934387AF5782}" task wurde entsperrt. <===== ACHTUNG
"{F2341244-5F02-41C5-BA40-4FBADCD67206}" task wurde entsperrt. <===== ACHTUNG
"{F35162BA-CDE7-4746-A368-D590640A3FA9}" task wurde entsperrt. <===== ACHTUNG
"{F4BF89A9-8488-4988-B163-F7F0341D521B}" task wurde entsperrt. <===== ACHTUNG
"{F6734075-627C-47CE-918F-B51866D629BB}" task wurde entsperrt. <===== ACHTUNG
"{F775C69D-FE09-4105-8F98-5DC6D956FA4E}" task wurde entsperrt. <===== ACHTUNG
"{F98BB314-575B-453F-A9F9-A13B9D088426}" task wurde entsperrt. <===== ACHTUNG
"{F98C81FF-D786-4067-AAFB-D67F2BA8542A}" task wurde entsperrt. <===== ACHTUNG
"{FA625267-66E0-464A-AE95-8754007E78AD}" task wurde entsperrt. <===== ACHTUNG
"{FB1868EE-5CA8-4DE9-A8B1-6171EB0EDB5A}" task wurde entsperrt. <===== ACHTUNG
"{FC52F032-45F0-4B04-99DA-5A5F43CB0392}" task wurde entsperrt. <===== ACHTUNG
"{FC5681F1-C930-414C-8049-16F7B32D0FEF}" task wurde entsperrt. <===== ACHTUNG
"{FEF85651-4DD3-461C-AB7B-44FC3276E219}" task wurde entsperrt. <===== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2015-12-01 06:46 - 2015-12-01 06:46 - 00794920 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\UNI\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900
FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869
FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe
FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe
FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357
FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe
FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe
FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe
FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100
FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 01:29:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:29:03Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:28:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:28:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:28:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:28:03Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:27:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:27:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:27:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:27:03Z. Fehlercode: 0x80070005.
Error: (04/29/2016 01:26:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:26:33Z. Fehlercode: 0x80070005.

Error: (04/29/2016 01:25:38 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-05T11:25:38Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:17:35 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:17:35Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:17:05 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:17:05Z. Fehlercode: 0x80070005.

Error: (04/28/2016 10:16:35 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2116-04-04T20:16:35Z. Fehlercode: 0x80070005.

Systemfehler:
=============
Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT)
Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405.

Error: (04/29/2016 01:22:15 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: Die Aufgabenplanungdienst konnte durch den Computerstart ausgelöste Aufgaben nicht starten. Zusätzliche Daten: Fehlerwert: 2147942405.
Error: (04/29/2016 01:21:57 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT) Description: 32212256841156512 Error: (04/29/2016 01:22:10 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 29.04.2016 um 12:57:38 unerwartet heruntergefahren. Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405. Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 413) (User: NT-AUTORITÄT) Description: Beim Start des Aufgabenplanungsdiensts konnten Aufgaben nicht geladen werden. Zusätzliche Daten: Fehlerwert: 2147942405. Error: (04/29/2016 12:57:45 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT) Description: Die Aufgabenplanungdienst konnte durch den Computerstart ausgelöste Aufgaben nicht starten. Zusätzliche Daten: Fehlerwert: 2147942405. Error: (04/29/2016 12:57:28 PM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT) Description: Der Systemüberwachungszeitgeber wurde ausgelöst. Error: (04/29/2016 12:57:38 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 29.04.2016 um 12:52:40 unerwartet heruntergefahren. CodeIntegrity: =================================== Date: 2016-04-18 13:35:57.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 13:26:41.335 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-04-14 12:46:40.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 16:00:34.354 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 13:46:49.302 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 12:33:49.290 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 12:26:25.190 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 12:04:38.922 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 8084.27 MB Verfügbarer physikalischer RAM: 5578.46 MB Summe virtueller Speicher: 9364.27 MB Verfügbarer virtueller Speicher: 6858.89 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:767.96 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS Drive f: () (Removable) (Total:3.74 GB) (Free:3.46 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74) Partition: GPT. ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D) Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ Code:
ATTFilter
13:36:16.0144 0x1c8c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:36:16.0144 0x1c8c UEFI system
13:36:45.0850 0x1c8c EULA was not accepted, exiting. For auto accept you could use -accepteula command line parameter.
13:36:45.0854 0x1334 Deinitialize success

Code:
ATTFilter
13:37:33.0269 0x03e0 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:37:33.0269 0x03e0 UEFI system
13:37:50.0027 0x03e0 ============================================================
13:37:50.0027 0x03e0 Current date / time: 2016/04/29 13:37:50.0027
13:37:50.0027 0x03e0 SystemInfo:
13:37:50.0027 0x03e0
13:37:50.0027 0x03e0 OS Version: 10.0.10586 ServicePack: 0.0
13:37:50.0027 0x03e0 Product type: Workstation
13:37:50.0027 0x03e0 ComputerName: LENOVO-PC
13:37:50.0027 0x03e0 UserName: UNI
13:37:50.0027 0x03e0 Windows directory: C:\WINDOWS
13:37:50.0027 0x03e0 System windows directory: C:\WINDOWS
13:37:50.0027 0x03e0 Running under WOW64
13:37:50.0027 0x03e0 Processor architecture: Intel x64
13:37:50.0027 0x03e0 Number of processors: 4
13:37:50.0027 0x03e0 Page size: 0x1000
13:37:50.0027 0x03e0 Boot type: Normal boot
13:37:50.0027 0x03e0 ============================================================
13:37:51.0741 0x03e0 KLMD registered as C:\WINDOWS\system32\drivers\73831547.sys
13:37:52.0000 0x03e0 System UUID: {CE297566-D7AD-DA9F-C1B9-6066A74751EF}
13:38:00.0893 0x03e0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:38:00.0897 0x03e0 Drive \Device\Harddisk1\DR1 - Size: 0xF0100000 ( 3.75 Gb ), SectorSize: 0x200, Cylinders: 0x1E9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:38:00.0899 0x03e0 ============================================================
13:38:00.0899 0x03e0 \Device\Harddisk0\DR0:
13:38:00.0900 0x03e0 GPT partitions:
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F1A6676D-EAC4-418D-BCEB-5F77A9D72A9A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {BC6697F8-E391-4AF9-BEF4-013D4A4DDB7E}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {7BB8898E-64C1-435F-9F6F-7E7261DE1434}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {14D32AF2-98DF-4719-9BED-AAD40809F5B3}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C8EA307D-B6E0-4B66-934A-F092620FE5A3}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F2F8800
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7C30580E-32FF-40E1-9B1A-F3D3CBFD529E}, Name: Basic data partition, StartLBA 0x6F7A3000, BlocksNum 0x3200000
13:38:00.0901 0x03e0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80611826-E840-4DD9-9ABC-EA631D8BE7A2}, Name: Basic data partition, StartLBA 0x729A3000, BlocksNum 0x1D63800
13:38:00.0901 0x03e0 MBR partitions:
13:38:00.0901 0x03e0 \Device\Harddisk1\DR1:
13:38:00.0902 0x03e0 MBR partitions:
13:38:00.0902 0x03e0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x250, BlocksNum 0x7805B0
13:38:00.0902 0x03e0 ============================================================
13:38:00.0904 0x03e0 C: <-> \Device\Harddisk0\DR0\Partition5
13:38:00.0932 0x03e0 D: <-> \Device\Harddisk0\DR0\Partition6
13:38:00.0933 0x03e0 ============================================================
13:38:00.0933 0x03e0 Initialize success
13:38:00.0933 0x03e0 ============================================================
13:38:44.0606 0x0ab0 ============================================================
13:38:44.0606 0x0ab0 Scan
started
13:38:44.0606 0x0ab0 Mode: Manual; SigCheck; TDLFS;
13:38:44.0606 0x0ab0 ============================================================
13:38:44.0606 0x0ab0 KSN ping started
13:38:46.0992 0x0ab0 KSN ping finished: true
13:38:48.0157 0x0ab0 ================ Scan system memory ========================
13:38:48.0157 0x0ab0 System memory - ok
13:38:48.0158 0x0ab0 ================ Scan services =============================
FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 13:38:54.0547 0x0ab0 FsDepends - ok 13:38:54.0551 0x0ab0 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 13:38:54.0563 0x0ab0 Fs_Rec - ok 13:38:54.0578 0x0ab0 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 13:38:54.0603 0x0ab0 fvevol - ok 13:38:54.0609 0x0ab0 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 13:38:54.0621 0x0ab0 gagp30kx - ok 13:38:54.0626 0x0ab0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 13:38:54.0635 0x0ab0 GEARAspiWDM - ok 13:38:54.0640 0x0ab0 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 13:38:54.0654 0x0ab0 gencounter - ok 13:38:54.0658 0x0ab0 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 13:38:54.0671 0x0ab0 genericusbfn - ok 13:38:54.0679 0x0ab0 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 13:38:54.0694 0x0ab0 GPIOClx0101 - ok 13:38:54.0736 0x0ab0 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 13:38:54.0794 0x0ab0 gpsvc - ok 13:38:54.0799 0x0ab0 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 13:38:54.0818 0x0ab0 GpuEnergyDrv - ok 
13:38:54.0827 0x0ab0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:38:54.0836 0x0ab0 gupdate - ok 13:38:54.0841 0x0ab0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 13:38:54.0851 0x0ab0 gupdatem - ok 13:38:54.0856 0x0ab0 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 13:38:54.0872 0x0ab0 HDAudBus - ok 13:38:54.0883 0x0ab0 [ 8E424DB88D6DC98F9C9F3F2890C4A3E1, 93ADD09CB1012B91951277D7FF8BA9FDD842F44999E7331DE73BFB2F5F0D2B6F ] HerculesDJControlMP3 C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE 13:38:54.0891 0x0ab0 HerculesDJControlMP3 - detected UnsignedFile.Multi.Generic ( 1 ) 13:38:54.0931 0x1940 Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam 13:38:55.0150 0x0a60 Object send P2P result: true 13:38:56.0417 0x0b0c Object send P2P result: true 13:38:56.0417 0x0b0c Object required for P2P: [ 8B86696A7030DDBD85B64621BD5B9C44 ] Avira.ServiceHost 13:38:57.0318 0x0ab0 Detect skipped due to KSN trusted 13:38:57.0319 0x0ab0 HerculesDJControlMP3 - ok 13:38:57.0328 0x0ab0 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 13:38:57.0366 0x0ab0 HidBatt - ok 13:38:57.0366 0x1940 Object send P2P result: true 13:38:57.0382 0x0ab0 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 13:38:57.0424 0x0ab0 HidBth - ok 13:38:57.0433 0x0ab0 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 
13:38:57.0459 0x0ab0 hidi2c - ok 13:38:57.0468 0x0ab0 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 13:38:57.0491 0x0ab0 hidinterrupt - ok 13:38:57.0499 0x0ab0 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 13:38:57.0528 0x0ab0 HidIr - ok 13:38:57.0537 0x0ab0 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll 13:38:57.0563 0x0ab0 hidserv - ok 13:38:57.0571 0x0ab0 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 13:38:57.0599 0x0ab0 HidUsb - ok 13:38:57.0616 0x0ab0 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 13:38:57.0658 0x0ab0 HomeGroupListener - ok 13:38:57.0682 0x0ab0 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 13:38:57.0711 0x0ab0 HomeGroupProvider - ok 13:38:57.0717 0x0ab0 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 13:38:57.0729 0x0ab0 HpSAMD - ok 13:38:57.0734 0x0ab0 [ A0FFCF6391B5270B2A34E379DE446878, 8AFD522ED2488723D2B72B7BA214272E6ABFAC4F3AA589888FFB35A0A44660CE ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 13:38:57.0741 0x0ab0 HPSupportSolutionsFrameworkService - ok 13:38:57.0769 0x0ab0 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 13:38:57.0804 0x0ab0 
HTTP - ok 13:38:57.0824 0x0ab0 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 13:38:57.0835 0x0ab0 hwpolicy - ok 13:38:57.0840 0x0ab0 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 13:38:57.0852 0x0ab0 hyperkbd - ok 13:38:57.0857 0x0ab0 [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 13:38:57.0873 0x0ab0 HyperVideo - ok 13:38:57.0879 0x0ab0 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 13:38:57.0894 0x0ab0 i8042prt - ok 13:38:57.0900 0x0ab0 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 13:38:57.0916 0x0ab0 iai2c - ok 13:38:57.0925 0x0ab0 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 13:38:57.0942 0x0ab0 iaLPSS2i_I2C - ok 13:38:57.0957 0x0ab0 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 13:38:57.0975 0x0ab0 iaLPSSi_GPIO - ok 13:38:57.0988 0x0ab0 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 13:38:58.0025 0x0ab0 iaLPSSi_I2C - ok 13:38:58.0074 0x0ab0 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 13:38:58.0097 0x0ab0 iaStorA - ok 13:38:58.0117 0x0ab0 [ 6B0029A0253098CCE28EACCFDB9E7208, 
E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 13:38:58.0142 0x0ab0 iaStorAV - ok 13:38:58.0151 0x0ab0 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 13:38:58.0157 0x0ab0 IAStorDataMgrSvc - ok 13:38:58.0172 0x0ab0 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 13:38:58.0191 0x0ab0 iaStorV - ok 13:38:58.0204 0x0ab0 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 13:38:58.0224 0x0ab0 ibbus - ok 13:38:58.0232 0x0ab0 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll 13:38:58.0249 0x0ab0 icssvc - ok 13:38:58.0252 0x0ab0 IEEtwCollectorService - ok 13:38:58.0469 0x0ab0 [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 13:38:58.0627 0x0ab0 igfx - ok 13:38:58.0649 0x0ab0 [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 13:38:58.0665 0x0ab0 igfxCUIService2.0.0.0 - ok 13:38:58.0696 0x0ab0 [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 13:38:58.0738 0x0ab0 IKEEXT - ok 13:38:58.0745 0x0ab0 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 13:38:58.0752 0x0ab0 intaud_WaveExtensible - ok 13:38:58.0769 0x0ab0 [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 
8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 13:38:58.0784 0x0ab0 IntcDAud - ok 13:38:58.0808 0x0ab0 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 13:38:58.0838 0x0ab0 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 13:38:58.0850 0x0b0c Object send P2P result: true 13:39:01.0279 0x0ab0 Detect skipped due to KSN trusted 13:39:01.0279 0x0ab0 Intel(R) Capability Licensing Service Interface - ok 13:39:01.0328 0x0ab0 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 13:39:01.0363 0x0ab0 Intel(R) Capability Licensing Service TCP IP Interface - ok 13:39:01.0368 0x0ab0 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys 13:39:01.0380 0x0ab0 intelide - ok 13:39:01.0385 0x0ab0 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 13:39:01.0396 0x0ab0 intelpep - ok 13:39:01.0404 0x0ab0 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 13:39:01.0421 0x0ab0 intelppm - ok 13:39:01.0425 0x0ab0 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys 13:39:01.0439 0x0ab0 IoQos - ok 13:39:01.0444 0x0ab0 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 
13:39:01.0463 0x0ab0 IpFilterDriver - ok 13:39:01.0490 0x0ab0 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 13:39:01.0534 0x0ab0 iphlpsvc - ok 13:39:01.0540 0x0ab0 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 13:39:01.0555 0x0ab0 IPMIDRV - ok 13:39:01.0562 0x0ab0 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 13:39:01.0578 0x0ab0 IPNAT - ok 13:39:01.0596 0x0ab0 [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:39:01.0615 0x0ab0 iPod Service - ok 13:39:01.0620 0x0ab0 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 13:39:01.0636 0x0ab0 IRENUM - ok 13:39:01.0640 0x0ab0 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 13:39:01.0654 0x0ab0 isapnp - ok 13:39:01.0665 0x0ab0 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 13:39:01.0681 0x0ab0 iScsiPrt - ok 13:39:01.0710 0x0ab0 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 13:39:01.0720 0x0ab0 jhi_service - ok 13:39:01.0729 0x0ab0 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 13:39:01.0740 0x0ab0 kbdclass - ok 13:39:01.0744 0x0ab0 [ 
884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 13:39:01.0760 0x0ab0 kbdhid - ok 13:39:01.0764 0x0ab0 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 13:39:01.0778 0x0ab0 kdnic - ok 13:39:01.0783 0x0ab0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe 13:39:01.0796 0x0ab0 KeyIso - ok 13:39:01.0812 0x0ab0 [ 62EBD4202B505ACADE2FBC56CC73E0A2, 2FCA80096B7DB5B42E76F527D9ABCF29AF7D52FC60BED6DD4C11C1BACA0D63F1 ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys 13:39:01.0829 0x0ab0 KL1 - ok 13:39:01.0837 0x0ab0 [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys 13:39:01.0852 0x0ab0 klelam - ok 13:39:01.0871 0x0ab0 [ 35C5969972905CAFC79E632000848FBB, CBFC9AC0FD629EE9611604976ECA987DE1D4D9E7CBFAC94D0E13F361F0354DB2 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys 13:39:01.0883 0x0ab0 klflt - ok 13:39:01.0894 0x0ab0 [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys 13:39:01.0906 0x0ab0 klhk - ok 13:39:01.0929 0x0ab0 [ 07D8BD68D2A173EFEFC788717B96B021, 5D3BB19B9775EACECF3E052183117C2F64969F10AF022227AEFF09455C66A80D ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys 13:39:01.0955 0x0ab0 KLIF - ok 13:39:01.0963 0x0ab0 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 13:39:01.0976 0x0ab0 KSecDD - ok 13:39:01.0983 0x0ab0 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 13:39:01.0998 0x0ab0 KSecPkg - ok 13:39:02.0002 0x0ab0 [ 
E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 13:39:02.0015 0x0ab0 ksthunk - ok 13:39:02.0029 0x0ab0 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 13:39:02.0054 0x0ab0 KtmRm - ok 13:39:02.0065 0x0ab0 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 13:39:02.0087 0x0ab0 LanmanServer - ok 13:39:02.0099 0x0ab0 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 13:39:02.0120 0x0ab0 LanmanWorkstation - ok 13:39:02.0151 0x0ab0 [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe 13:39:02.0170 0x0ab0 Lenovo EasyPlus Hotspot - ok 13:39:02.0198 0x0ab0 [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe 13:39:02.0216 0x0ab0 Lenovo System Agent Service - ok 13:39:02.0225 0x0ab0 [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe 13:39:02.0236 0x0ab0 LenovoWiFiHotspotSvr - ok 13:39:02.0242 0x0ab0 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll 13:39:02.0255 0x0ab0 lfsvc - ok 13:39:02.0259 0x0ab0 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 13:39:02.0273 0x0ab0 LicenseManager - ok 
13:39:02.0278 0x0ab0 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 13:39:02.0296 0x0ab0 lltdio - ok 13:39:02.0307 0x0ab0 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 13:39:02.0329 0x0ab0 lltdsvc - ok 13:39:02.0334 0x0ab0 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 13:39:02.0349 0x0ab0 lmhosts - ok 13:39:02.0362 0x0ab0 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 13:39:02.0376 0x0ab0 LMS - ok 13:39:02.0385 0x0ab0 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 13:39:02.0398 0x0ab0 LSI_SAS - ok 13:39:02.0404 0x0ab0 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 13:39:02.0420 0x0ab0 LSI_SAS2i - ok 13:39:02.0425 0x0ab0 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 13:39:02.0438 0x0ab0 LSI_SAS3i - ok 13:39:02.0443 0x0ab0 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 13:39:02.0457 0x0ab0 LSI_SSS - ok 13:39:02.0478 0x0ab0 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll 13:39:02.0512 0x0ab0 LSM - ok 13:39:02.0519 0x0ab0 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv 
C:\WINDOWS\system32\drivers\luafv.sys 13:39:02.0539 0x0ab0 luafv - ok 13:39:02.0544 0x0ab0 [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker C:\WINDOWS\System32\moshost.dll 13:39:02.0562 0x0ab0 MapsBroker - ok 13:39:02.0566 0x0ab0 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 13:39:02.0580 0x0ab0 megasas - ok 13:39:02.0595 0x0ab0 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys 13:39:02.0619 0x0ab0 megasr - ok 13:39:02.0696 0x0ab0 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 13:39:02.0721 0x0ab0 MEIx64 - ok 13:39:02.0759 0x0ab0 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 13:39:02.0807 0x0ab0 MessagingService - ok 13:39:02.0883 0x0ab0 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 13:39:02.0924 0x0ab0 mlx4_bus - ok 13:39:02.0931 0x0ab0 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 13:39:02.0945 0x0ab0 MMCSS - ok 13:39:02.0950 0x0ab0 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys 13:39:02.0969 0x0ab0 Modem - ok 13:39:02.0973 0x0ab0 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys 13:39:02.0986 0x0ab0 monitor - ok 13:39:02.0992 0x0ab0 [ C030F9E822A057C1A7A9BB4EA3E8877E, 
2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys 13:39:03.0006 0x0ab0 MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 ) 13:39:05.0449 0x0ab0 Detect skipped due to KSN trusted 13:39:05.0449 0x0ab0 MotioninJoyXFilter - ok 13:39:05.0460 0x0ab0 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 13:39:05.0492 0x0ab0 mouclass - ok 13:39:05.0500 0x0ab0 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 13:39:05.0522 0x0ab0 mouhid - ok 13:39:05.0531 0x0ab0 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 13:39:05.0553 0x0ab0 mountmgr - ok |
29.04.2016, 14:26 | #6 |
| PC hacked and screenshots sent via Facebook PART 2 of the second TDSSKiller log file: Code:
CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys 13:39:06.0968 0x0ab0 netvsc - ok 13:39:06.0982 0x0ab0 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 13:39:07.0003 0x0ab0 NgcCtnrSvc - ok 13:39:07.0049 0x0ab0 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 13:39:07.0082 0x0ab0 NgcSvc - ok 13:39:07.0095 0x0ab0 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 13:39:07.0122 0x0ab0 NlaSvc - ok 13:39:07.0127 0x0ab0 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 13:39:07.0143 0x0ab0 Npfs - ok 13:39:07.0148 0x0ab0 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 13:39:07.0160 0x0ab0 npsvctrig - ok 13:39:07.0167 0x0ab0 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll 13:39:07.0181 0x0ab0 nsi - ok 13:39:07.0186 0x0ab0 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 13:39:07.0200 0x0ab0 nsiproxy - ok 13:39:07.0306 0x0ab0 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 13:39:07.0368 0x0ab0 NTFS - ok 13:39:07.0375 0x0ab0 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys 13:39:07.0388 0x0ab0 Null - ok 13:39:07.0723 0x0ab0 [ 
DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 13:39:07.0946 0x0ab0 nvlddmkm - ok 13:39:07.0981 0x0ab0 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 13:39:07.0994 0x0ab0 nvraid - ok 13:39:08.0003 0x0ab0 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 13:39:08.0019 0x0ab0 nvstor - ok 13:39:08.0045 0x0ab0 [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 13:39:08.0073 0x0ab0 nvsvc - ok 13:39:08.0134 0x0ab0 [ 10DEF604B1929D9515969E1CAE7D250A, AC343E716453B9CA16B4763A714FB4B09671D8EB56A8C46C22CBD769EB7937C4 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 13:39:08.0177 0x0ab0 nvUpdatusService - ok 13:39:08.0187 0x0ab0 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 13:39:08.0201 0x0ab0 nv_agp - ok 13:39:08.0213 0x0ab0 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 13:39:08.0239 0x0ab0 OneSyncSvc - ok 13:39:08.0267 0x0ab0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 13:39:08.0289 0x0ab0 p2pimsvc - ok 13:39:08.0321 0x0ab0 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll 13:39:08.0347 0x0ab0 p2psvc - ok 13:39:08.0353 0x0ab0 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport 
C:\WINDOWS\System32\drivers\parport.sys 13:39:08.0368 0x0ab0 Parport - ok 13:39:08.0374 0x0ab0 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 13:39:08.0387 0x0ab0 partmgr - ok 13:39:08.0424 0x0ab0 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 13:39:08.0451 0x0ab0 PcaSvc - ok 13:39:08.0487 0x0ab0 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys 13:39:08.0522 0x0ab0 pci - ok 13:39:08.0526 0x0ab0 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 13:39:08.0538 0x0ab0 pciide - ok 13:39:08.0563 0x0ab0 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 13:39:08.0575 0x0ab0 pcmcia - ok 13:39:08.0580 0x0ab0 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 13:39:08.0592 0x0ab0 pcw - ok 13:39:08.0598 0x0ab0 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys 13:39:08.0610 0x0ab0 pdc - ok 13:39:08.0632 0x0ab0 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 13:39:08.0667 0x0ab0 PEAUTH - ok 13:39:08.0673 0x0ab0 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 13:39:08.0685 0x0ab0 percsas2i - ok 13:39:08.0691 0x0ab0 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E 
] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 13:39:08.0703 0x0ab0 percsas3i - ok 13:39:08.0779 0x0ab0 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 13:39:08.0791 0x0ab0 PerfHost - ok 13:39:08.0819 0x0ab0 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 13:39:08.0855 0x0ab0 PhoneSvc - ok 13:39:08.0866 0x0ab0 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 13:39:08.0885 0x0ab0 PimIndexMaintenanceSvc - ok 13:39:08.0931 0x0ab0 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll 13:39:08.0991 0x0ab0 pla - ok 13:39:08.0999 0x0ab0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 13:39:09.0020 0x0ab0 PlugPlay - ok 13:39:09.0028 0x0ab0 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 13:39:09.0042 0x0ab0 PNRPAutoReg - ok 13:39:09.0054 0x0ab0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 13:39:09.0078 0x0ab0 PNRPsvc - ok 13:39:09.0091 0x0ab0 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 13:39:09.0117 0x0ab0 PolicyAgent - ok 13:39:09.0126 0x0ab0 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll 13:39:09.0143 0x0ab0 Power - ok 13:39:09.0149 0x0ab0 [ 5BA6B9AD03B81546BA64E488C4EF9D17, 
C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 13:39:09.0166 0x0ab0 PptpMiniport - ok 13:39:09.0317 0x0ab0 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 13:39:09.0425 0x0ab0 PrintNotify - ok 13:39:09.0447 0x0ab0 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys 13:39:09.0461 0x0ab0 Processor - ok 13:39:09.0473 0x0ab0 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll 13:39:09.0496 0x0ab0 ProfSvc - ok 13:39:09.0515 0x0ab0 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys 13:39:09.0529 0x0ab0 Psched - ok 13:39:09.0557 0x0ab0 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll 13:39:09.0579 0x0ab0 QWAVE - ok 13:39:09.0584 0x0ab0 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 13:39:09.0598 0x0ab0 QWAVEdrv - ok 13:39:09.0602 0x0ab0 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 13:39:09.0616 0x0ab0 RasAcd - ok 13:39:09.0621 0x0ab0 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 13:39:09.0639 0x0ab0 RasAgileVpn - ok 13:39:09.0645 0x0ab0 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll 13:39:09.0661 
0x0ab0 RasAuto - ok 13:39:09.0669 0x0ab0 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 13:39:09.0684 0x0ab0 Rasl2tp - ok 13:39:09.0703 0x0ab0 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll 13:39:09.0740 0x0ab0 RasMan - ok 13:39:09.0746 0x0ab0 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys 13:39:09.0766 0x0ab0 RasPppoe - ok 13:39:09.0771 0x0ab0 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 13:39:09.0787 0x0ab0 RasSstp - ok 13:39:09.0800 0x0ab0 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 13:39:09.0824 0x0ab0 rdbss - ok 13:39:09.0831 0x0ab0 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 13:39:09.0846 0x0ab0 rdpbus - ok 13:39:09.0854 0x0ab0 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 13:39:09.0878 0x0ab0 RDPDR - ok 13:39:09.0888 0x0ab0 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 13:39:09.0900 0x0ab0 RdpVideoMiniport - ok 13:39:09.0909 0x0ab0 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 13:39:09.0924 0x0ab0 rdyboost - ok 13:39:09.0969 0x0ab0 [ 341E6830DA70F65730300DAB4CB0B490, 
341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 13:39:10.0001 0x0ab0 ReFSv1 - ok 13:39:10.0031 0x0ab0 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 13:39:10.0060 0x0ab0 RemoteAccess - ok 13:39:10.0068 0x0ab0 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 13:39:10.0089 0x0ab0 RemoteRegistry - ok 13:39:10.0118 0x0ab0 [ 518A992A6700A86A47F79388F91737C0, 29B5D48F1E360714F9BCB26939AD49ED07F6D9C82E0DB5C9C6AF5B0BBFF04341 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 13:39:10.0163 0x0ab0 RetailDemo - ok 13:39:10.0184 0x0ab0 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 13:39:10.0197 0x0ab0 RichVideo64 - ok 13:39:10.0208 0x0ab0 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 13:39:10.0235 0x0ab0 RpcEptMapper - ok 13:39:10.0239 0x0ab0 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe 13:39:10.0254 0x0ab0 RpcLocator - ok 13:39:10.0279 0x0ab0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll 13:39:10.0318 0x0ab0 RpcSs - ok 13:39:10.0327 0x0ab0 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 13:39:10.0345 0x0ab0 rspndr - ok 13:39:10.0469 0x0ab0 [ FA00B16D06217288AFD700223DA131BA, 90688C3A8403FEF2A90550781CBA932A522125B47D71F3F0AF73E21E43BC5564 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 13:39:10.0509 
0x0ab0 rt640x64 - ok 13:39:10.0541 0x0ab0 [ 8CF15A5A9FC24323E2B63DDF9788C74E, 4E91D45DB6E811B5DC75DD96EEE8813414F243D82AA789F7C2D464463B4DE7F4 ] RtkBtFilter C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys 13:39:10.0560 0x0ab0 RtkBtFilter - ok 13:39:10.0574 0x0ab0 [ 87CCF37EC2858FCF7689F8FC0B72F39A, 60B71BDC7388887AC7EB2C869DEAF86DD06B7EB9DEE3CF4F4DFE2D1BCE3BDAA8 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys 13:39:10.0589 0x0ab0 RTSUER - ok 13:39:10.0718 0x0ab0 [ 14F73F34745B8EEF780181910B3BF41F, 7A7073334C84E7488656058202772E3861A5A81B14D4CF0899F712C8C3F26A95 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys 13:39:10.0814 0x0ab0 rtsuvc - ok 13:39:10.0914 0x0ab0 [ 52BFDF19FBFDC7C8E811C73350CA2B52, E8385F78C133B06D6A7F488DAB7308A7D3ED7181C7CE02D150912CA9ABFC4C94 ] RTWlanE C:\WINDOWS\System32\drivers\rtwlane.sys 13:39:11.0027 0x0ab0 RTWlanE - ok 13:39:11.0039 0x0ab0 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 13:39:11.0051 0x0ab0 s3cap - ok 13:39:11.0056 0x0ab0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe 13:39:11.0069 0x0ab0 SamSs - ok 13:39:11.0072 0x0ab0 SAService - ok 13:39:11.0080 0x0ab0 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 13:39:11.0092 0x0ab0 sbp2port - ok 13:39:11.0128 0x0ab0 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 13:39:11.0150 0x0ab0 SCardSvr - ok 13:39:11.0158 0x0ab0 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 13:39:11.0180 0x0ab0 ScDeviceEnum - ok 13:39:11.0186 0x0ab0 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, 
CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 13:39:11.0205 0x0ab0 scfilter - ok 13:39:11.0234 0x0ab0 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll 13:39:11.0282 0x0ab0 Schedule - ok 13:39:11.0301 0x0ab0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 13:39:11.0330 0x0ab0 SCPolicySvc - ok 13:39:11.0342 0x0ab0 [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 13:39:11.0359 0x0ab0 sdbus - ok 13:39:11.0368 0x0ab0 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 13:39:11.0386 0x0ab0 SDRSVC - ok 13:39:11.0402 0x0ab0 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 13:39:11.0414 0x0ab0 sdstor - ok 13:39:11.0419 0x0ab0 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll 13:39:11.0433 0x0ab0 seclogon - ok 13:39:11.0439 0x0ab0 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll 13:39:11.0460 0x0ab0 SENS - ok 13:39:11.0493 0x0ab0 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 13:39:11.0573 0x0ab0 SensorDataService - ok 13:39:11.0598 0x0ab0 [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService C:\WINDOWS\system32\SensorService.dll 13:39:11.0646 0x0ab0 SensorService - ok 
13:39:11.0661 0x0ab0 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 13:39:11.0696 0x0ab0 SensrSvc - ok 13:39:11.0730 0x0ab0 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 13:39:11.0763 0x0ab0 SerCx - ok 13:39:11.0783 0x0ab0 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 13:39:11.0807 0x0ab0 SerCx2 - ok 13:39:11.0814 0x0ab0 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 13:39:11.0837 0x0ab0 Serenum - ok 13:39:11.0849 0x0ab0 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys 13:39:11.0873 0x0ab0 Serial - ok 13:39:11.0881 0x0ab0 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 13:39:11.0905 0x0ab0 sermouse - ok 13:39:11.0928 0x0ab0 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll 13:39:11.0953 0x0ab0 SessionEnv - ok 13:39:11.0957 0x0ab0 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 13:39:11.0975 0x0ab0 sfloppy - ok 13:39:11.0989 0x0ab0 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 13:39:12.0017 0x0ab0 SharedAccess - ok 13:39:12.0058 0x0ab0 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection 
C:\WINDOWS\System32\shsvcs.dll 13:39:12.0096 0x0ab0 ShellHWDetection - ok 13:39:12.0102 0x0ab0 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 13:39:12.0114 0x0ab0 SiSRaid2 - ok 13:39:12.0120 0x0ab0 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 13:39:12.0134 0x0ab0 SiSRaid4 - ok 13:39:12.0144 0x0ab0 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 13:39:12.0162 0x0ab0 SkypeUpdate - ok 13:39:12.0167 0x0ab0 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll 13:39:12.0185 0x0ab0 smphost - ok 13:39:12.0204 0x0ab0 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 13:39:12.0248 0x0ab0 SmsRouter - ok 13:39:12.0270 0x0ab0 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 13:39:12.0309 0x0ab0 SNMPTRAP - ok 13:39:12.0342 0x0ab0 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 13:39:12.0380 0x0ab0 spaceport - ok 13:39:12.0414 0x0ab0 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 13:39:12.0449 0x0ab0 SpbCx - ok 13:39:12.0486 0x0ab0 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe 13:39:12.0533 0x0ab0 Spooler - ok 13:39:12.0770 0x0ab0 [ 7C58AFEC26E9F7730A8AA7FD40225937, 
546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe 13:39:12.0929 0x0ab0 sppsvc - ok 13:39:12.0951 0x0ab0 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 13:39:12.0977 0x0ab0 srv - ok 13:39:12.0994 0x0ab0 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 13:39:13.0026 0x0ab0 srv2 - ok 13:39:13.0035 0x0ab0 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 13:39:13.0054 0x0ab0 srvnet - ok 13:39:13.0064 0x0ab0 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 13:39:13.0087 0x0ab0 SSDPSRV - ok 13:39:13.0096 0x0ab0 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 13:39:13.0117 0x0ab0 SstpSvc - ok 13:39:13.0126 0x0ab0 [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 13:39:13.0138 0x0ab0 ssudmdm - ok 13:39:13.0267 0x0ab0 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 13:39:13.0369 0x0ab0 StateRepository - ok 13:39:13.0397 0x0ab0 [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 13:39:13.0505 0x0ab0 Steam Client Service - ok 13:39:13.0521 0x0ab0 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 
13:39:13.0561 0x0ab0 stexstor - ok 13:39:13.0590 0x0ab0 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll 13:39:13.0662 0x0ab0 stisvc - ok 13:39:13.0674 0x0ab0 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 13:39:13.0699 0x0ab0 storahci - ok 13:39:13.0716 0x0ab0 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 13:39:13.0734 0x0ab0 storflt - ok 13:39:13.0743 0x0ab0 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 13:39:13.0766 0x0ab0 stornvme - ok 13:39:13.0773 0x0ab0 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 13:39:13.0789 0x0ab0 storqosflt - ok 13:39:13.0809 0x0ab0 [ E5C3042B68D4EA89B3C52E150E553DA0, 83428E8EFC584778745F6B30F6F8FD96A645AD33F39AA955E97F9A0D458847B1 ] StorSvc C:\WINDOWS\system32\storsvc.dll 13:39:13.0855 0x0ab0 StorSvc - ok 13:39:13.0865 0x0ab0 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 13:39:13.0889 0x0ab0 storufs - ok 13:39:13.0897 0x0ab0 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 13:39:13.0920 0x0ab0 storvsc - ok 13:39:13.0929 0x0ab0 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll 13:39:13.0967 0x0ab0 svsvc - ok 13:39:13.0975 0x0ab0 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] 
C:\Users\UNI\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:39:34.0467 0x0ab0 OneDrive - ok
13:39:34.0482 0x0ab0 [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:39:34.0500 0x0ab0 OneDrive - ok
13:39:34.0511 0x0ab0 Waiting for KSN requests completion. In queue: 56
13:39:35.0498 0x1254 Object send P2P result: true
13:39:35.0511 0x0ab0 Waiting for KSN requests completion. In queue: 9
13:39:36.0512 0x0ab0 Waiting for KSN requests completion. In queue: 9
13:39:37.0550 0x0ab0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
13:39:37.0552 0x0ab0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
13:39:37.0553 0x0ab0 AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 14.1.48.0 ), 0x40000 ( disabled : updated )
13:39:37.0557 0x0ab0 FW detected via SS2: ZoneAlarm Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 14.1.48.0 ), 0x41010 ( enabled )
13:39:39.0943 0x0ab0 ============================================================
13:39:39.0943 0x0ab0 Scan finished
13:39:39.0944 0x0ab0 ============================================================
13:39:39.0959 0x1d44 Detected object count: 0
13:39:39.0959 0x1d44 Actual detected object count: 0

Because the text file was too long, I had to split the log files across 3 or 4 replies! Thanks in advance and kind regards, CaptainM |
29.04.2016, 15:02 | #7 | |
/// Malwareteam | Multiple antivirus programs
Code:
Avira
ZoneAlarm
Kaspersky
Quote:
This tool can help you with that: ESET :: Download :: Dienstprogramme :: Detail :: ESET AV Remover
To remove Kaspersky, since the installation is damaged, additionally run: http://media.kaspersky.com/utilities...s/kavremvr.exe
Let me know once you have removed all products.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
29.04.2016, 16:57 | #8 |
| I have now uninstalled all antivirus software: Avira Antivir, Kaspersky (the remover found nothing to uninstall) and also ZoneAlarm. Kind regards, CaptainM |
29.04.2016, 17:13 | #9 |
/// Malwareteam | Did you run the Kaspersky Removal Tool? Please create new FRST logs; this time also tick the box next to Addition and press 'Untersuchen' (Scan).
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
29.04.2016, 17:39 | #10 |
| Yes, I ran the removal tool, but the program itself found no Kaspersky component that it wanted to delete, and I did not find one in the Control Panel either. The new FRST log reads as follows: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016 durchgeführt von UNI (Administrator) auf LENOVO-PC (29-04-2016 18:24:35) Gestartet von C:\Users\UNI\Desktop Geladene Profile: UpdatusUser & UNI (Verfügbare Profile: UpdatusUser & UNI & Administrator) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe (Conexant Systems, Inc.) 
C:\Windows\SysWOW64\SASrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (DJHERCULESMIX®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\HDJSeriesCPL.exe (DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel 
Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) 
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) 
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) 
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet 
Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14] FF Extension: Ghostery - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30] FF Extension: Adblock Plus - C:\Users\UNI\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27] Chrome: ======= CHR HomePage: Default -> hxxps://startpage.com/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Profile: C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07] CHR Extension: (Google Docs) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - 
C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Agar.io Mods) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp [2015-06-24] CHR Extension: (Google-Suche) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07] CHR Extension: (Avira Browserschutz) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12] CHR Extension: (Google Docs Offline) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18] CHR Extension: (Java for Web Pages) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28] CHR Extension: (Ghostery) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Google Mail) - C:\Users\UNI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird 
er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) 
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-29 18:24 - 2016-04-29 18:25 - 00020420 _____ C:\Users\UNI\Desktop\FRST.txt 2016-04-29 18:23 - 2016-04-29 18:24 - 00000000 ____D C:\Users\UNI\Desktop\Alt 2016-04-29 13:37 - 2016-04-29 13:43 - 00275710 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.37.33_log.txt 2016-04-29 13:36 - 2016-04-29 13:36 - 00000560 _____ C:\TDSSKiller.3.1.0.9_29.04.2016_13.36.16_log.txt 2016-04-29 13:34 - 2016-04-29 13:08 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\UNI\Desktop\tdsskiller.exe 2016-04-29 13:27 - 2016-04-29 18:24 - 00000000 ____D C:\FRST 2016-04-29 13:26 - 2016-04-29 13:06 - 02376704 _____ (Farbar) C:\Users\UNI\Desktop\FRST64.exe 2016-04-28 20:47 - 2016-04-29 18:21 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla 2016-04-28 20:45 - 2016-04-28 20:45 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla 2016-04-28 17:15 - 2016-04-28 17:15 - 00000000 ____D C:\Program Files\Common Files\AV 2016-04-28 16:54 - 2016-04-28 16:54 - 00000000 ____D C:\ProgramData\CheckPoint 2016-04-28 16:51 - 2016-04-28 16:54 - 03412200 _____ (Check Point Software Technologies Ltd.) 
C:\Users\Administrator\Downloads\zaSetupWeb_141_048_000.exe 2016-04-28 16:29 - 2016-04-28 16:35 - 222776824 _____ (COMODO) C:\Users\Administrator\Downloads\cfw5005_installer_6106_53.exe 2016-04-28 16:16 - 2016-04-28 18:34 - 00000000 ____D C:\ProgramData\SecTaskMan 2016-04-28 16:15 - 2016-04-28 16:15 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics 2016-04-28 16:13 - 2016-04-28 16:13 - 00002429 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ___RD C:\Users\Administrator\OneDrive 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation 2016-04-28 16:13 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\ActiveSync 2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Hightail for Lenovo 2016-04-28 16:11 - 2016-04-28 16:11 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers 2016-04-28 16:10 - 2016-04-28 16:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages 2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles 2016-04-28 16:10 - 2016-04-28 16:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe 2016-04-28 16:09 - 2016-04-28 19:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Google 2016-04-28 16:09 - 2016-04-28 16:13 - 00000000 ____D C:\Users\Administrator 2016-04-28 16:09 - 2016-04-28 16:09 - 00000020 ___SH C:\Users\Administrator\ntuser.ini 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Vorlagen 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Startmenü 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen 2016-04-28 16:09 - 2016-04-28 16:09 - 00000000 _SHDL 
12:57 - 2016-04-11 12:57 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00949248 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Unistore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00769536 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 
_____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-04-11 12:43 - 2016-04-11 12:43 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-04-11 12:41 - 2016-04-11 12:41 - 
00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files\MSBuild 2016-04-11 12:41 - 2016-04-11 12:41 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-04-11 12:41 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-04-11 12:40 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-04-11 12:40 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-04-11 12:40 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-04-11 12:40 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-04-11 12:39 - 2016-04-11 12:39 - 
01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-04-11 12:39 - 2016-04-11 12:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-04-11 12:38 - 2016-04-11 12:38 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-04-11 12:31 - 2016-04-29 13:25 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-04-11 12:28 - 2016-04-11 12:28 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini 2016-04-11 12:21 - 2016-04-11 12:21 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-04-11 12:12 - 2016-04-11 12:21 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-04-11 12:11 - 2016-04-29 17:51 - 00000000 ____D C:\Users\UNI 2016-04-11 12:11 - 2016-04-29 12:52 - 00000000 ____D C:\Users\UpdatusUser 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Vorlagen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Startmenü 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Netzwerkumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Lokale Einstellungen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Eigene Dateien 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Druckumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Videos 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Musik 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Documents\Eigene Bilder 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Verlauf 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 
12:11 - 00000000 _SHDL C:\Users\UpdatusUser\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Vorlagen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Startmenü 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Netzwerkumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Lokale Einstellungen 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Eigene Dateien 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Druckumgebung 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Videos 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Musik 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Documents\Eigene Bilder 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Verlauf 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\AppData\Local\Anwendungsdaten 2016-04-11 12:11 - 2016-04-11 12:11 - 00000000 _SHDL C:\Users\UNI\Anwendungsdaten 2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-04-11 12:08 - 2016-04-11 12:14 - 00000000 ____D C:\ProgramData\NVIDIA 2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\ProgramData\Conexant 2016-04-11 12:08 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\CONEXANT 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda 2016-04-11 12:08 - 2016-04-11 12:08 - 00000000 ____D C:\Program Files\Elantech 2016-04-11 12:08 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-04-11 12:08 - 2015-07-23 03:10 
- 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-04-11 12:08 - 2015-07-23 03:10 - 00579912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-04-11 12:08 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-04-11 12:07 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-04-11 12:07 - 2016-04-11 12:07 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-04-11 12:07 - 2016-04-11 12:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2016-04-11 12:07 - 2015-12-19 02:08 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2016-04-11 12:07 - 2015-12-19 02:08 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-04-11 12:06 - 2016-04-11 12:13 - 00000000 ____D C:\Program Files\Intel 2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagwrn.xml 2016-04-11 11:23 - 2016-04-11 12:39 - 00013338 _____ C:\WINDOWS\diagerr.xml 2016-04-01 17:42 - 2016-04-01 17:42 - 00734784 _____ (Oracle Corporation) C:\Users\UNI\Downloads\jxpiinstall(4).exe 2016-03-30 18:56 - 2016-03-30 18:56 - 00088372 _____ C:\Users\UNI\Desktop\Studienbescheinigung_334281_30.03.2016.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-04-29 18:22 - 2015-02-07 22:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-04-29 17:52 - 2016-02-13 19:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-04-29 17:52 - 2015-02-07 22:51 - 00000000 ____D C:\Program Files (x86)\Avira 2016-04-29 17:51 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-04-29 17:49 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-04-29 17:48 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-04-29 17:32 - 2015-02-07 22:51 - 00000000 ____D C:\ProgramData\Avira 2016-04-29 17:32 - 2014-09-17 23:56 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-29 17:29 - 2015-02-07 23:01 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Avira 2016-04-29 13:25 - 2016-02-13 18:59 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat 2016-04-29 13:25 - 2016-02-13 18:59 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat 2016-04-28 16:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-04-28 16:10 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-04-28 14:52 - 2015-03-10 01:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-28 14:14 - 2015-02-07 22:59 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job 2016-04-28 12:31 - 2015-02-07 22:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CA4DEE2A-E881-46E0-B4B0-079D45A23913} 2016-04-27 23:21 - 2015-02-08 22:27 - 00000000 ____D C:\Users\UNI\AppData\Local\Spotify 2016-04-27 23:18 - 2015-02-08 22:21 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Spotify 2016-04-27 01:08 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-25 02:33 - 2015-02-07 20:41 - 00000000 __RDO C:\Users\UNI\OneDrive 2016-04-25 01:48 - 2015-02-07 23:53 - 00000000 ____D C:\Program Files (x86)\Steam 2016-04-25 00:02 - 2015-11-30 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy 2016-04-25 00:02 - 
2015-11-30 01:54 - 00000000 ____D C:\Program Files\MotioninJoy 2016-04-22 01:20 - 2015-02-17 18:24 - 00000000 ____D C:\Users\UNI\AppData\Roaming\vlc 2016-04-21 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-04-18 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-04-18 13:25 - 2016-02-13 10:21 - 00245472 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-04-18 03:53 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-04-14 12:44 - 2015-02-09 23:56 - 00000000 ____D C:\Users\UNI\AppData\Local\Adobe 2016-04-14 00:17 - 2015-02-09 02:08 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-14 00:11 - 2015-02-09 02:08 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 14:41 - 2015-02-07 20:39 - 00000000 ____D C:\Users\UNI\AppData\Local\Packages 2016-04-12 13:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat 2016-04-11 22:04 - 2015-02-07 23:00 - 00002275 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-04-11 22:04 - 2015-02-07 23:00 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-04-11 16:07 - 2015-04-20 12:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2016-04-11 15:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-04-11 13:31 - 2014-09-17 23:44 - 00000000 ___HD C:\Intel 2016-04-11 13:02 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-04-11 12:58 - 2016-02-13 19:12 - 00000000 ____D C:\Program Files\Windows Journal 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-04-11 
12:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-04-11 12:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-04-11 12:58 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-04-11 12:54 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-04-11 12:50 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow 
2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-04-11 12:50 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-04-11 12:50 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-04-11 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT 2016-04-11 12:41 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2016-04-11 12:41 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2016-04-11 12:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-04-11 12:40 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2016-04-11 12:40 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2016-04-11 12:40 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2016-04-11 12:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration 2016-04-11 12:37 - 2015-03-08 15:05 - 00002764 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-04-11 12:37 - 2015-02-07 22:59 - 00003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b 2016-04-11 12:37 - 2015-02-07 22:59 - 00003498 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-04-11 12:37 - 2015-02-07 22:59 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-04-11 12:37 - 2015-02-07 20:44 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-1002 2016-04-11 12:37 - 2014-09-18 00:41 - 00002060 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task 2016-04-11 12:37 - 2014-09-17 23:12 - 00002320 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3051385857-1379960724-2999109445-500 2016-04-11 12:32 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries 2016-04-11 12:31 - 2014-09-17 23:53 - 01799166 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2016-04-11 12:21 - 2016-03-12 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\MixMeister 2016-04-11 12:21 - 2015-09-25 16:48 - 00000000 ____D C:\WINDOWS\de 2016-04-11 12:21 - 2015-09-15 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-04-11 12:21 - 2015-09-04 22:09 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2016-04-11 12:21 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 18 2016-04-11 12:21 - 2015-08-05 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2016-04-11 12:21 - 2015-06-19 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2016-04-11 12:21 - 2015-04-23 15:49 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2016-04-11 12:21 - 2015-04-16 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dymola 2013 2016-04-11 12:21 - 2015-03-24 16:23 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center 2016-04-11 12:21 - 2015-03-24 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2016-04-11 12:21 - 2015-03-24 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-04-11 12:21 - 2015-02-28 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-04-11 12:21 - 2015-02-25 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2016-04-11 12:21 - 2015-02-17 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-04-11 12:21 - 2015-02-08 00:14 - 00000000 ____D C:\Program Files\Classic Shell 2016-04-11 12:21 - 2015-02-07 23:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-04-11 12:21 - 2014-09-18 00:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10 2016-04-11 12:21 - 
2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-04-11 12:21 - 2014-09-18 00:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory 2016-04-11 12:21 - 2014-09-18 00:02 - 00000000 ____D C:\Program Files\Dolby Digital Plus 2016-04-11 12:21 - 2014-09-17 23:53 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2016-04-11 12:21 - 2014-09-17 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2016-04-11 12:21 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-04-11 12:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2016-04-11 12:16 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-04-11 12:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-04-11 12:14 - 2016-01-16 22:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-04-11 12:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\InputMethod 2016-04-11 12:14 - 
2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\MediaViewer 2016-04-11 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS 2016-04-11 12:13 - 2015-09-04 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DJUCED 2016-04-11 12:13 - 2015-09-04 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hercules 2016-04-11 12:13 - 2015-06-14 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\ProgramData\Lenovo 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files\lenovo 2016-04-11 12:13 - 2014-09-18 00:35 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-04-11 12:13 - 2014-09-18 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail 2016-04-11 12:13 - 2014-09-17 23:52 - 00000000 ____D C:\Program Files (x86)\Realtek 2016-04-11 12:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-04-11 12:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help 2016-04-11 11:30 - 2014-09-18 00:41 - 00012800 _____ C:\WINDOWS\system32\VfService.trf 2016-04-11 11:23 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT 2016-04-09 13:13 - 2015-02-08 00:16 - 00000000 ____D C:\Users\UNI\AppData\Roaming\ClassicShell 2016-04-08 19:47 - 2015-05-04 01:12 - 00000000 ____D C:\Users\UNI\AppData\Local\ElevatedDiagnostics 2016-04-07 16:15 - 2015-02-10 17:32 - 02406400 ___SH C:\Users\UNI\Desktop\Thumbs.db 2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-01 19:02 - 2015-02-08 00:52 - 00000000 ____D C:\Users\UNI\AppData\Roaming\Skype 2016-04-01 17:45 - 2015-02-28 20:00 - 00000000 ____D C:\ProgramData\Oracle 2016-04-01 17:44 - 2015-12-23 01:40 - 00097856 _____ (Oracle Corporation) 
C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-04-01 17:44 - 2015-11-02 01:22 - 00000000 ____D C:\Users\UNI\.oracle_jre_usage 2016-04-01 17:44 - 2015-02-28 20:01 - 00000000 ____D C:\Program Files (x86)\Java ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-07 20:39 - 2016-04-11 11:23 - 0884004 _____ () C:\Users\UNI\AppData\Local\BTServer.log 2015-02-10 02:35 - 2015-06-24 23:24 - 0007601 _____ () C:\Users\UNI\AppData\Local\Resmon.ResmonCfg 2015-06-02 13:25 - 2015-06-02 13:25 - 0000000 _____ () C:\Users\UNI\AppData\Local\{497248A6-D5F2-4EBD-9352-1C7DA4C66689} 2015-12-27 02:56 - 2015-12-27 02:56 - 0000085 ___SH () C:\ProgramData\.zreglib 2015-02-09 23:34 - 2015-02-09 23:34 - 0000057 _____ () C:\ProgramData\Ament.ini 2016-04-11 12:08 - 2016-04-11 12:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Administrator\AppData\Local\Temp\avgnt.exe C:\Users\UNI\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-25 18:43 ==================== Ende von FRST.txt ============================ |
29.04.2016, 17:40 | #11 |
| PC hacked and screenshots sent via Facebook The Addition log looks as follows: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016 durchgeführt von UNI (2016-04-29 18:25:40) Gestartet von C:\Users\UNI\Desktop Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled) Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled) UNI (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\UNI UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) 
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant) CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) 
Hidden DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation) DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation) HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) 
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) 
Hidden Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 
(HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft 
Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla) NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.) 
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation) Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) 
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) 
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll 2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\UNI\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll 2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\UNI\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900 FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869 FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: 
[{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357 FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\UNI\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files 
(x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\UNI\appdata\roaming\spotify\spotify.exe FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\UNI\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\UNI\appdata\roaming\spotify\spotify.exe FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: 
[{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100 FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe 
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1685578 Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1685578 Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1094 Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1094 Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2016 05:51:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686 
Ausnahmecode: 0xc0000602 Fehleroffset: 0x000000000022885f ID des fehlerhaften Prozesses: 0xa0c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Vollständiger Name des fehlerhaften Pakets: svchost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5 Error: (04/29/2016 05:51:53 PM) (Source: ESENT) (EventID: 908) (User: ) Description: svchost (2572) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS) Error: (04/29/2016 05:50:35 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LENOVO-PC) Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden. Error: (04/29/2016 05:50:35 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LENOVO-PC) Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden. Systemfehler: ============= Error: (04/29/2016 05:52:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (04/29/2016 05:51:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 05:51:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_3676e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 05:51:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (04/29/2016 05:48:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "TrueVector Internet Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (04/29/2016 05:27:19 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 29.04.2016 um 14:02:28 unerwartet heruntergefahren. 
Error: (04/29/2016 01:44:16 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} CodeIntegrity: =================================== Date: 2016-04-18 13:35:57.572 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-18 13:26:41.335 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-14 12:46:40.805 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 16:00:34.354 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 13:46:49.302 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 12:33:49.290 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-04-11 12:26:25.190 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. 
Date: 2016-04-11 12:04:38.922 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz Prozentuale Nutzung des RAM: 22% Installierter physikalischer RAM: 8084.27 MB Verfügbarer physikalischer RAM: 6242.68 MB Summe virtueller Speicher: 9364.27 MB Verfügbarer virtueller Speicher: 7580.54 MB ==================== Laufwerke ================================ Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:770.57 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS Drive f: () (Removable) (Total:3.74 GB) (Free:3.44 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74) Partition: GPT. ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D) Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B) ==================== Ende von Addition.txt ============================
Best regards, CaptainM |
30.04.2016, 19:53 | #12 |
/// Malwareteam | PC hacked and screenshots sent via Facebook
Okay, very good so far.
Step 1 Download and install the following program: Malwarebytes Anti-Malware. You can find an illustrated guide for it here.
Step 2 Please download AdwCleaner to your desktop.
Step 3 Please start FRST again, tick the Addition checkbox and click "Untersuchen" (Scan). Please post the two resulting text files again. So in your next reply, please post:
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |
01.05.2016, 21:54 | #13 |
| PC hacked and screenshots sent via Facebook
I have run all the tests, but I should add that this was the second scan with AdwCleaner; I had already done a run the day after the incident, which produced several findings. The current run found almost nothing. I can also post the report from the first run. Another important point is that the laptop on which the incident occurred has not been connected to the internet during the last few days or during the tests you requested, so Malwarebytes Anti-Malware, for example, did not update its database before the scan. If that affects the results of the tests, I can repeat them. Here is the mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.05.2016 Suchlaufzeit: 21:08 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.02.16.06 Rootkit-Datenbank: v2016.02.08.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Uni Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 490911 Abgelaufene Zeit: 46 Min., 12 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 01.05.2016 21:06, SYSTEM, LENOVO-PC, Manual, Failed, No Internet connection detected, Update, 01.05.2016 21:08, SYSTEM, LENOVO-PC, Manual, Failed, No Internet connection detected, Scan, 01.05.2016 21:54, SYSTEM, LENOVO-PC, Manual, Start: 01.05.2016 21:08, Dauer: 46 Min. 12 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, (end) Code:
ATTFilter # AdwCleaner v5.114 - Bericht erstellt am 01/05/2016 um 22:27:35 # Aktualisiert am 27/04/2016 von Xplode # Datenbank : 2016-04-27.1 [Lokal] # Betriebssystem : Windows 10 Home (X64) # Benutzername : UNI - LENOVO-PC # Gestartet von : F:\AdwCleaner_5.114.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht : C:\ProgramData\SecTaskMan ***** [ Dateien ] ***** ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [3659 Bytes] - [28/04/2016 13:03:30] C:\AdwCleaner\AdwCleaner[C2].txt - [1002 Bytes] - [01/05/2016 22:27:35] C:\AdwCleaner\AdwCleaner[S1].txt - [3615 Bytes] - [28/04/2016 12:57:20] C:\AdwCleaner\AdwCleaner[S2].txt - [351 Bytes] - [28/04/2016 16:02:30] C:\AdwCleaner\AdwCleaner[S3].txt - [1092 Bytes] - [28/04/2016 16:26:31] C:\AdwCleaner\AdwCleaner[S4].txt - [1159 Bytes] - [28/04/2016 22:10:25] C:\AdwCleaner\AdwCleaner[S5].txt - [1216 Bytes] - [01/05/2016 22:26:06] ########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1439 Bytes] ##########
The Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-04-2016
durchgeführt von Uni (2016-05-01 22:32:17)
Gestartet von C:\Users\Uni\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-11 10:49:31)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3051385857-1379960724-2999109445-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3051385857-1379960724-2999109445-503 - Limited - Disabled)
Gast (S-1-5-21-3051385857-1379960724-2999109445-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3051385857-1379960724-2999109445-1004 - Limited - Enabled)
Uni (S-1-5-21-3051385857-1379960724-2999109445-1002 - Administrator - Enabled) => C:\Users\Uni
UpdatusUser (S-1-5-21-3051385857-1379960724-2999109445-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant) CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\CopyTrans Suite) (Version: 3.01 - WindSolutions) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) 
Hidden DJ Control Instinct (HKLM-x32\...\{931FD350-D575-47FE-A741-9517C4DDDA10}) (Version: 1.00.0000 - Guillemot) DJHERCULESMIX Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 4.HDJS.2015 - Guillemot Corporation) DJUCED 18° (HKLM-x32\...\{34F730A3-77BA-4741-A02A-D40762FEF274}) (Version: 1.0.97 - Guillemot) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) Dymola 2013 (HKLM-x32\...\{40EF555D-5BC4-4EAB-922B-1DD994EC40E6}) (Version: 13.0.282 - Dassault Systems) ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation) HP Deskjet 2540 series - Grundlegende Software für das Gerät (HKLM\...\{E1F12296-09D5-4B82-9D2C-E54CC9FF1D15}) (Version: 30.0.1093.41190 - Hewlett-Packard Co.) 
HP Deskjet 2540 series Hilfe (HKLM-x32\...\{B3E5B153-CC4B-40F2-9802-288B0AF2A966}) (Version: 30.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.) Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) 
Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
(HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) 
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0 (x86 de)) (Version: 46.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.0.5955 - Mozilla) NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Power2Go 
(HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.) QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.802.010814 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0238 - REALTEK Semiconductor Corp.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) Security Task Manager 2.1f (HKLM-x32\...\Security Task Manager) (Version: 2.1f - Neuber Software) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) 
Spotify (HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo) Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo) ZoneAlarm Antivirus (x32 Version: 14.1.048.000 - Check Point Software Technologies Ltd.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3051385857-1379960724-2999109445-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {01044E07-E126-421A-9322-6025044076A3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {0ED93F3F-85F5-491C-8A82-8C359FEA9BEE} - \CCleanerSkipUAC -> Keine Datei <==== ACHTUNG Task: {1C8556F6-1371-4B3D-AB98-C681CF08BCBB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {1F2F49C0-EED1-4C80-9E65-718510EA5106} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2D6337A8-679F-4C4E-817F-4A79578ED778} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-14] (Microsoft Corporation) Task: {554CDFB6-DC49-4C95-8149-E73FCFF67D22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) Task: {60E824C2-BC2D-4472-94E2-E1D39AF41CB2} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {62860EB0-2228-4165-9630-AC5AF0450FD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) 
Task: {71EA80FA-9CB3-4910-81DF-3E483434D909} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {89635FFC-A77D-4BD8-88C8-DE3A5A2E241F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {8A01716D-ACC3-4B57-B324-C20C68587BBA} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG Task: {8E02C3E6-11B5-452B-8732-92B5556EFD2C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {99D61BD2-0EE8-4F01-AA06-FDCAF3252F37} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {AD9B3702-B356-4CEE-B598-040227687DE9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {B810A7BE-66FD-4E61-8B5D-D1DCCC8E9D6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {BF094C70-5E35-4812-AE3F-1B41B2DD570C} - System32\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-07] (Google Inc.) Task: {C4F948B4-2FBD-452A-BF6F-D2C9FA366B40} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {DE66408B-3228-41BD-9ED7-4D0C24A8F8AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.) 
Task: {E395FCBC-1897-450F-8B0D-8347A4B5BBC4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {E51AF7B8-0976-43E5-892E-16C27550ECF3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {E6B51E2A-B1D1-42EF-94F7-CCAF98A4EABE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {E7D06876-5CD6-4FFC-97A0-8A138A9A7EF8} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04319189e9b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-11 12:08 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-09-18 00:39 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-14 00:07 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-25 02:33 - 2016-04-25 02:33 - 00959176 _____ () C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll 2016-04-19 20:40 - 2016-04-19 20:41 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-04-14 00:06 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-19 02:08 - 2015-12-19 02:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-14 00:07 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-04-14 00:07 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-04-14 00:07 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-04-14 00:07 - 2016-04-02 05:02 - 04089856 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-09-18 00:00 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe 2016-04-19 20:40 - 2016-04-19 20:41 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 20:40 - 2016-04-19 20:41 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-25 02:33 - 2016-04-25 02:33 - 00679624 _____ () C:\Users\Uni\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll 2014-09-17 23:52 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Uni\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\reflections4.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{CEFE383C-D24C-45C3-8A9F-0F291F7C8D34}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [TCP Query User{B3E9A836-107C-4A64-867A-BF64D1CE3991}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Block) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [{9AEDDD89-55B6-4887-89D2-A7FC9107A64C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C96D09BB-CBC0-4F42-92B7-DACF8038CE48}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{355F1E33-4B93-450D-9F3E-31F8CA46AAE5}] => (Allow) LPort=1900 FirewallRules: [{92CD0C81-7D18-4099-8C80-19731B09C34C}] => (Allow) LPort=2869 FirewallRules: [{50C680FD-F630-4227-AD9F-54377BA56EAC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{ABE2C105-99A1-4496-A1D9-E4526DD24E43}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe FirewallRules: [{D6399097-5D44-458F-8AF9-1E677A487BF4}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8 fix.exe FirewallRules: [{FB0EE854-8EC3-4A2C-8EA1-F7E2B0043E00}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe FirewallRules: [{E503346B-0B95-42F5-8840-64AC923D57BF}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe FirewallRules: [UDP Query User{4F802E87-400C-4563-ABB9-87F76142A7E6}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [TCP Query User{D461F6DD-13C3-4A0A-AF79-3C6EF69AE32A}C:\program files\guillemot\hdjtray\hdjseries2traybar.exe] => (Allow) C:\program files\guillemot\hdjtray\hdjseries2traybar.exe FirewallRules: [{D3C09483-BD71-435E-8879-B98BAE4481D6}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: 
[{B33F94FA-E6B9-4C98-B711-6D7818BD0DED}] => (Allow) LPort=5357 FirewallRules: [{A2FB1D09-1588-4899-9F78-07BAE6B6C8EF}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [UDP Query User{2C3558D6-3E3B-4D15-80FD-AA28289F1D74}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{9BC40B0A-A086-4A05-954B-35F960F8837D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{0C79AE82-A53D-48F6-B13B-7B3DD10E7A24}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe FirewallRules: [{B78CD14A-3C02-40F4-93AA-73DEFE0453AB}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS50B8\HPDiagnosticCoreUI.exe FirewallRules: [{DDC6E890-3BB4-4238-9F6F-D2731CD0EEA6}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe FirewallRules: [{64FA4642-3A13-456B-8666-882281C8E107}] => (Allow) C:\Users\Uni\AppData\Local\Temp\7zS507A\HPDiagnosticCoreUI.exe FirewallRules: [{5A8BAD8A-DE77-40DA-BE8D-0B87D1B5BAB4}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{203C9CFE-3C19-4FEE-B625-8D699D626DD6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0380DC55-9582-4181-AA7D-5185EAE08093}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FE985222-1F10-4D7A-B67F-1BD6CD467EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0B42F863-0075-4AA4-8C24-756A391E4BD0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A36D0CCD-3FAE-476E-83C4-7CCAD5FB3513}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C2DC8939-FD5F-4B46-995B-BED225818930}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{741E7EAE-D989-415F-80BF-15CD9F7C7324}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files 
(x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{440CEFA7-2E08-45C7-ACD3-62744A2847ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{B58A3D34-CF26-40A4-8351-68ADAA20B1AC}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\Uni\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{93FF429B-A612-48B4-9AAD-7391B670E0D7}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\Uni\appdata\roaming\spotify\spotify.exe FirewallRules: [{A269F050-2E1C-4786-8923-80096CD04F87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8E690514-08F3-4D34-A2F0-AB367BF1BCDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [UDP Query User{E231306D-466C-48E3-B3B9-85D18926E04D}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Uni\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{05E1788C-1FC3-4E5A-915E-D5AEAE38D081}C:\users\Uni\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Uni\appdata\roaming\spotify\spotify.exe FirewallRules: [{2CE7DCAF-1612-45E0-B63E-8C819302E26B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{C8F97C20-B1C2-46A4-A46E-957858FD8869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{1971CD84-ACCD-4F05-983B-0D0C2AAD84EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2570C57E-B1BC-4161-8CC2-2C32E0B612DF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AB5289FF-B7C6-4B1F-9315-0BC35E0A233C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{67B2FE43-2117-4C61-885E-B2FD11B920BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: 
[{4DA3ECC4-FC85-44DD-8106-6D382FA707A5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe FirewallRules: [{3BCBB21E-0780-4655-93EE-980FE9029C61}] => (Allow) LPort=55100 FirewallRules: [{CA4A1513-F2E1-48D1-9B3A-726FD4C8B4E9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{4B4379A0-9983-49BC-BC73-2EFB29145779}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{27DD41BD-25CA-4288-AFF4-E6BF8587B7BF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{0B42F4B5-3FBB-44C8-B924-1BA7B630396D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{C548901B-A7EF-4772-BF3D-5512915BBD8F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe FirewallRules: [{A46F13CA-72AC-4292-B13E-DD960C1727A4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{5AE63078-F1F6-488D-9125-9FDCFFD37A7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe FirewallRules: [{DDEC3351-80A9-417F-ABBB-50D745817DF3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{993B0402-90EE-4026-929B-97D59670C539}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{74FA38CF-9061-4843-B660-34066DB08651}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{6443ECF1-E0F3-4FF5-A278-072D53617836}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0CF7EB76-D013-4A67-9E70-39C40F34E8D0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C43D9CF1-D83A-481E-BA81-C246BA006216}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{FD253542-9DE2-4C54-A058-AF2F7A220F2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe 
FirewallRules: [{9C2B2186-C84F-4B04-9A03-8671D5CE66C2}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{77B6C35F-F7D6-480F-A1EA-91458D142107}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{9DD59E56-3542-48DB-9B6A-34A1D20920D1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{558F65A3-09B1-40AA-9B64-5EBFD8AED31B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1172 Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1172 Error: (04/29/2016 06:30:19 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1685578 Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1685578 Error: (04/29/2016 06:21:04 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1094 Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 
1094 Error: (04/29/2016 05:53:00 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/29/2016 05:51:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686 Ausnahmecode: 0xc0000602 Fehleroffset: 0x000000000022885f ID des fehlerhaften Prozesses: 0xa0c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0 Pfad der fehlerhaften Anwendung: svchost.exe1 Pfad des fehlerhaften Moduls: svchost.exe2 Berichtskennung: svchost.exe3 Vollständiger Name des fehlerhaften Pakets: svchost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5 Systemfehler: ============= Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/01/2016 10:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_1fa41b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/01/2016 10:28:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (04/29/2016 06:30:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_95079" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (04/29/2016 06:30:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar CodeIntegrity: =================================== Date: 2016-05-01 22:14:24.357 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:24.330 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:03.996 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:03.984 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:03.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-05-01 22:14:03.948 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:02.133 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:02.121 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:02.094 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-05-01 22:14:02.082 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 6375.25 MB
Summe virtueller Speicher: 9364.27 MB
Verfügbarer virtueller Speicher: 7713.47 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.49 GB) (Free:770.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.68 GB) NTFS
Drive f: () (Removable) (Total:3.74 GB) (Free:3.42 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 96AEBC74)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: EC10B82D)
Partition 1: (Not Active) - (Size=3.8 GB) - (Type=0B)

==================== Ende von Addition.txt ============================ |
01.05.2016, 21:56 | #14 |
| PC hacked and screenshots sent via Facebook The FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016 durchgeführt von Uni (Administrator) auf LENOVO-PC (01-05-2016 22:30:36) Gestartet von C:\Users\Uni\Desktop Geladene Profile: UpdatusUser & Uni (Verfügbare Profile: UpdatusUser & Uni & Administrator) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Guillemot Corporation ®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (CyberLink Corp.) 
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (DJHERCULESMIX®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\HDJSeriesCPL.exe (DJHERCULESMIX®) C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.) HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek semiconductor) HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] () HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe" HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe" HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.) 
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-18] (Lenovo(beijing) Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [1817248 2015-06-17] (DJHERCULESMIX®) HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation) HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation) HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) 
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.) 
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) CHR HKU\S-1-5-21-3051385857-1379960724-2999109445-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{1b699058-3915-4380-a5bc-f14d4d7fb6f8}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{55033769-0caa-4633-90fa-9ee58816cc7f}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com HKU\S-1-5-21-3051385857-1379960724-2999109445-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-01] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-01] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-14] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-01] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( 
Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\abs@avira.com [2016-04-14] FF Extension: Ghostery - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\firefox@ghostery.com.xpi [2016-03-30] FF Extension: Adblock Plus - C:\Users\Uni\AppData\Roaming\Mozilla\Firefox\Profiles\louw1oEV.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-27] Chrome: ======= CHR HomePage: Default -> hxxps://startpage.com/ CHR StartupUrls: Default -> "hxxp://www.google.de/" CHR Profile: C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07] CHR Extension: (Google Docs) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07] CHR Extension: (Google Drive) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Agar.io Mods) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmofencpfjfladdmoiflekmblmhflbkp 
[2015-06-24] CHR Extension: (Google-Suche) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07] CHR Extension: (Avira Browserschutz) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-12] CHR Extension: (Google Docs Offline) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (AdBlock) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-18] CHR Extension: (Java for Web Pages) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpomcmpdonjdffeabllcklpbnfdknnko [2015-02-28] CHR Extension: (Ghostery) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-02-20] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03] CHR Extension: (Google Mail) - C:\Users\Uni\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.) R2 HerculesDJControlMP3; C:\Program Files\DJHERCULESMIX\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [91136 2015-04-17] (Guillemot Corporation ®) [Datei ist nicht signiert] S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.) 
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo(beijing) Limited) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek ) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [3445248 2015-10-30] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
C:\WINDOWS\system32\wmp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-04-11 12:57 - 
2016-04-11 12:57 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-04-11 
12:57 - 2016-04-11 12:57 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00949248 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Unistore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00769536 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00606720 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-04-11 12:57 - 2016-04-11 12:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 
2016-04-11 12:57 - 2016-04-11 12:57 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00287712 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00221184 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00164864 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-04-11 12:57 - 2016-04-11 12:57 - 00121856 
_____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-11 12:57 - 2016-04-11 12:57 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00069632 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-04-11 12:57 - 2016-04-11 12:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-04-11 12:57 - 2016-04-11 12:57 - 
Best regards, CaptainM |
03.05.2016, 12:03 | #15 |
/// Malwareteam | PC hacked and screenshots sent via Facebook Please repeat the scan with Malwarebytes using current signatures; to do so, enable the internet connection on your computer.
__________________ Regards, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ |