![]() |
Plagegeister aller Art und deren Bekämpfung: AVG user InterfaceWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
![]() ![]() | ![]() AVG user Interface Hallo zusammen Nach einigen Jahren wieder mal ein Hilferuf von mir. Sollte mir Jemand von euch helfen könne werde ich noch im Detail beschreiben. Derweil mal kurz: Neuer PC seit 18 Tagen "LENOVO YOGA 900 und Windows 10" . Bis vor etwa 8 Tagen ging es ganz gut (wenn man von der dauerden Suche in den neuen Programmen absieht) Ich arbeite mit Dockinstation und zweitem Bildschirm. Im Moment jedoch habe ich alles abgehängt und hab nur Internet, Drucker, Maus, direkt am PC. dann hatte ich immer wieder Probleme mit dem zweiten Bildschirm. Gestern konnte ich einzelne wenige Programme zwar öffnen jedoch nicht bedienen. Seit gestern hatte ich auch Probleme mit dem Drucker. Ich dachte es hängt mit der Dockinstation zusammen also gestern diese weggenommen. Heute kann ich auf den Drucker überhaupt nicht mehr zugreifen. Obwol er bereit meldet. Auch einzelne Programme starten zwar auf sind jedoch nicht mehr zu bedienen. (z.B. Photoshop Elements 14) Was ich nach langem Suchen und fummeln gesehen habe ist, dass im Task Manager "AVG user Interface" hängt und das bringe ich auf keine Weise raus. Ich denke da ist ein Toyaner am Werk oder es ist das AVG Ich hoffe auf Jemand von euch Gruss werama Geändert von werama (25.06.2016 um 22:29 Uhr) |
![]() | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface moin
__________________![]() AVG ist eh der letzte Kack. Zusammen mit Avast, Avira und anderen Konsorten, die die normalen Anwender allesamt verarschen. Bitte AVG deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => http://www.trojaner-board.de/171261-...zer-daten.html und Antivirensoftware: Schutz für Ihre Dateien, aber auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, Avast oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn AVG weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ |
![]() | #3 |
![]() ![]() | ![]() AVG user Interface Hallo
__________________Danke für die schnelle Antwort.kann ich wieder ansprechen AVG ist deinstalliert: AVG user interface ist aus dem TaskManager raus. Drucker kann ich wieder ansprechen. Im Photoshop Elements 14 kann ich wieder arbeiten. Wie weiter ? Gruss Ulf |
![]() | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
![]() Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #5 |
![]() ![]() | ![]() AVG user Interface Hallo Das geht schon gut los. Eventuell Stelle ich mich auch nur zu Doof an. Die Downloadvorbereitung läuft. Danach sehe ich keine Möglichkeit um weiterzukommen. Auch auf dem ganzen C: keine FRST64.exe oder FRST.exe zu finden. Ist es das Windows 10 ? In der Beschreibung von FRST64 steht verwendbar bis Windows 8 OK das war mein Problem Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2016 02 Ran by ulfw (administrator) on LAPDESKTOP (27-06-2016 09:20:16) Running from C:\TrojanerBoard Loaded Profiles: ulfw (Available Profiles: ulfw) Platform: Windows 10 Home (X64) Language: Englisch (Vereinigte Staaten) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe (Lenovo) C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Windows\SysWOW64\spdsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe () C:\Program Files\update\UpdateAgent.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files\Lenovo\LenovoUtility\utility.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe (Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.21441.0_x64__8wekyb3d8bbwe\Video.UI.exe () C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-11-01] () HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16412912 2016-06-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1416440 2016-06-01] (Realtek Semiconductor) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated) HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe [2090176 2016-04-26] (CHENGDU YIWO Tech Development Co., Ltd) HKLM-x32\...\Run: [EaseUS Cleanup] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe [1227456 2016-04-26] (CHENGDU Yiwo Tech Development Co., Ltd.) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [583680 2015-07-10] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] Tcpip\..\Interfaces\{3ba909af-3c62-4429-94b3-18fd1bdda109}: [DhcpNameServer] Tcpip\..\Interfaces\{68aa8129-2e02-4ac7-9f17-2ca6b94762fd}: [DhcpNameServer] Tcpip\..\Interfaces\{c76f7e95-d6e4-4b7f-bf18-a9c1bc35784e}: [DhcpNameServer] Tcpip\..\Interfaces\{fb80cd58-df40-44b1-9b37-247645e8ce84}: [DhcpNameServer] Internet Explorer: ================== HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-4256507873-131550310-878068454-1001 -> DefaultScope {D5F1BE35-A861-465C-ACBD-70DA19F6DED7} URL = SearchScopes: HKU\S-1-5-21-4256507873-131550310-878068454-1001 -> {D5F1BE35-A861-465C-ACBD-70DA19F6DED7} URL = FireFox: ======== FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-06-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-06-01] (Google Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-01] CHR Extension: (Google Docs) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-01] CHR Extension: (Google Drive) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01] CHR Extension: (YouTube) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-02] CHR Extension: (Google Tabellen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-01] CHR Extension: (Google Docs Offline) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-01] CHR Extension: (AdBlock) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-06-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01] CHR Extension: (Google Mail) - C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-01] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (Lenovo) S3 cplspcon; C:\Windows\system32\IntelCpHDCPSvc.exe [618920 2016-06-01] (Intel Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [176640 2015-09-15] () [File not signed] R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11127016 2016-02-12] (DisplayLink Corp.) R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-07-23] (Intel Corporation) R2 FastbootService; C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe [288768 2015-11-01] (Lenovo) [File not signed] R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (Lenovo) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [372128 2016-06-01] (Intel Corporation) R2 ImControllerService; c:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [56144 2016-05-26] (Lenovo Group Limited) R2 LenovoPortalService; C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe [24312 2015-11-01] () S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software) S4 O2FLASH; C:\Windows\System32\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) S4 O2FLASH; C:\Windows\SysWOW64\drivers\o2flash.exe [82096 2015-05-21] (BayHubTech/O2Micro International) R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\\spdsvc.exe [491328 2015-11-05] () S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [33224 2016-04-15] (SHAREit Technologies Co.Ltd) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [263792 2016-06-01] (Synaptics Incorporated) R2 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-11-01] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-08-21] (Lenovo) R2 YogaPLService; C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe [29112 2015-06-27] () R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-07-10] (ASIX Electronics Corp.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-06-18] (Samsung Electronics Co., Ltd.) S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.1488.0.sys [67344 2016-06-06] () S3 dlcdcncm; C:\Windows\System32\drivers\dlcdcncm62_x64.sys [91920 2016-02-12] (DisplayLink Corp.) S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [229648 2016-02-12] (DisplayLink Corp.) R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-07-23] (Intel Corporation) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18016 2016-01-20] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2016-01-20] () R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-07-23] (Intel Corporation) S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] () R0 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [67608 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed] R0 FBFsmon; C:\Windows\System32\DRIVERS\FBFsmon.sys [39448 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed] R2 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [32792 2015-11-01] (Windows (R) Win 7 DDK provider) [File not signed] R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [84264 2015-06-16] (Intel Corporation) R3 iaLPSS2_I2C; C:\Windows\System32\drivers\iaLPSS2_I2C.sys [185128 2015-06-16] (Intel Corporation) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [250096 2015-07-02] (Intel Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608 2015-07-08] (Intel Corporation) S3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation) R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [7052032 2016-06-01] (Intel Corporation) R3 O2FJ2RDR; C:\Windows\System32\drivers\O2FJ2x64.sys [201240 2015-05-21] (BayHubTech/O2Micro ) R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation) R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.) R3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [159744 2015-07-10] (Realtek ) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-06-21] (Samsung Electronics Co., Ltd.) R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [74352 2016-06-01] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-06-27 09:16 - 2016-06-27 09:20 - 00000000 ____D C:\FRST 2016-06-27 09:14 - 2016-06-27 09:14 - 02389504 _____ (Farbar) C:\Users\ulfw\Downloads\FRST64.exe 2016-06-27 08:29 - 2016-06-27 08:29 - 00016148 _____ C:\Windows\system32\LAPDESKTOP_ulfw_HistoryPrediction.bin 2016-06-26 16:58 - 2016-06-27 09:20 - 00000000 ____D C:\TrojanerBoard 2016-06-25 21:26 - 2016-06-25 21:26 - 00001891 _____ C:\Users\ulfw\Desktop\Samsung CLP-320 Series - Verknüpfung.lnk 2016-06-25 20:05 - 2016-06-25 20:05 - 00000751 _____ C:\ProgramData\StreamingMediaTechnologyLog.txt 2016-06-25 20:05 - 2016-06-25 20:05 - 00000000 ____D C:\Users\ulfw\Documents\Adobe 2016-06-23 19:56 - 2015-11-12 13:12 - 00037201 ____N C:\Windows\SysWOW64\spddata.xml 2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 ____N C:\Windows\SysWOW64\spdsvc.exe 2016-06-23 19:56 - 2014-08-18 16:10 - 00094208 ____N C:\Windows\SysWOW64\ssdevm.dll 2016-06-23 19:56 - 2014-08-18 16:08 - 00087552 ____N C:\Windows\system32\ssdevm64.dll 2016-06-23 19:55 - 2016-06-23 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LenovoSHAREit 2016-06-23 19:51 - 2016-06-23 19:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2016-06-23 19:50 - 2016-06-23 19:51 - 00000000 ____D C:\Program Files (x86)\Samsung 2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\Windows\system32\sst3cl6.dll 2016-06-23 19:50 - 2010-03-04 09:22 - 01884837 ____N C:\Windows\sst3cLTR.prn 2016-06-23 19:50 - 2010-03-04 09:21 - 01884837 ____N C:\Windows\sst3cA4.prn 2016-06-23 19:50 - 2009-09-11 09:48 - 00000357 _____ C:\Windows\system32\sst3cl6.smt 2016-06-23 19:50 - 2009-09-11 09:47 - 00151552 _____ (SS) C:\Windows\system32\sst3cci.exe 2016-06-23 19:50 - 2009-09-11 09:47 - 00089600 _____ (SS) C:\Windows\system32\sst3cci.dll 2016-06-23 19:31 - 2014-08-18 14:59 - 00011576 ____N (Samsung Electronics) C:\Windows\system32\Drivers\SSPORT.SYS 2016-06-23 17:50 - 2016-06-23 17:50 - 00000000 ____D C:\Windows\LastGood 2016-06-23 17:23 - 2016-06-23 17:23 - 00000000 ____D C:\Windows\LastGood.Tmp 2016-06-21 09:34 - 2016-06-21 09:34 - 00221824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2016-06-20 19:19 - 2016-06-20 19:19 - 00000000 ___RD C:\Users\ulfw\Documents\Scanned Documents 2016-06-20 19:19 - 2016-06-20 19:19 - 00000000 ____D C:\Users\ulfw\Documents\Fax 2016-06-20 09:38 - 2016-06-23 19:58 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Samsung 2016-06-19 17:41 - 2016-06-19 17:41 - 00000000 ____D C:\Users\ulfw\Documents\Unbenannte Site 2 2016-06-19 17:15 - 2016-06-19 17:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software 2016-06-19 17:15 - 2016-06-19 17:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software 2016-06-19 17:11 - 2016-06-19 17:11 - 00000756 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gunnarsupporttool.lnk 2016-06-19 17:08 - 2016-06-19 17:08 - 00001579 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver.lnk 2016-06-19 14:43 - 2016-06-19 14:43 - 00001635 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk 2016-06-19 14:43 - 2016-06-19 14:43 - 00001459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk 2016-06-19 14:42 - 2016-06-19 14:42 - 00001358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk 2016-06-19 14:42 - 2016-06-19 14:42 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk 2016-06-19 14:41 - 2016-06-19 14:45 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-06-19 14:41 - 2016-06-19 14:41 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk 2016-06-19 14:41 - 2016-06-19 14:41 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia 2016-06-19 14:41 - 2016-06-19 14:41 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia 2016-06-19 11:34 - 2016-06-19 11:34 - 00135997 _____ C:\Users\ulfw\Documents\Text-231.pdf 2016-06-19 11:25 - 2016-06-26 08:02 - 00001634 _____ C:\Users\ulfw\Desktop\Euro-Franken.lnk 2016-06-19 11:21 - 2016-06-19 11:21 - 00004273 _____ C:\Users\ulfw\Desktop\Brief-Brief.lnk 2016-06-19 10:39 - 2016-06-19 10:52 - 00001604 _____ C:\Users\ulfw\Desktop\Nikon7100.doc - Notitzen.lnk 2016-06-19 10:39 - 2014-12-26 10:34 - 26271857 _____ C:\Users\ulfw\Desktop\D7100_EU(De)02.pdf 2016-06-19 10:39 - 2013-02-10 16:28 - 03772586 _____ C:\Users\ulfw\Desktop\NafGear-Handbuch.pdf 2016-06-19 10:39 - 2013-02-08 17:25 - 00001579 _____ C:\Users\ulfw\Desktop\Beteiligte im Museum.lnk 2016-06-19 10:39 - 2011-12-26 17:34 - 00412172 _____ C:\Users\ulfw\Desktop\audacity-Handbuch.pdf 2016-06-19 10:39 - 2011-12-26 17:16 - 01543863 _____ C:\Users\ulfw\Desktop\Movie Maker-Hanb 2016-06-19 10:39 - 2010-11-16 16:02 - 00000193 _____ C:\Users\ulfw\Desktop\SwissDomain.ch.url 2016-06-19 10:39 - 2010-11-16 09:39 - 00000226 _____ C:\Users\ulfw\Desktop\IPS-Homepage.url 2016-06-19 09:42 - 2016-06-23 19:58 - 00000000 ____D C:\ProgramData\Samsung 2016-06-19 09:42 - 2016-06-19 09:42 - 00234360 _____ C:\Windows\system32\SBuySupplies.exe 2016-06-19 09:42 - 2016-06-19 09:42 - 00166776 _____ C:\Windows\system32\us008ci.exe 2016-06-19 09:42 - 2016-06-19 09:42 - 00098328 _____ (SS) C:\Windows\system32\us008ci.dll 2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\Windows\system32\us008lm.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00685080 _____ (Logitech Inc.) C:\Windows\system32\LVUI64.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00582680 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LV561V64.sys 2016-06-19 09:32 - 2016-06-19 09:32 - 00490008 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00486936 _____ (Logitech Inc.) C:\Windows\system32\LVUIRC64.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00475672 _____ (Logitech Inc.) C:\Windows\system32\lvcod64.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00465432 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2RC.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00416280 _____ (Logitech Inc.) C:\Windows\SysWOW64\lvcodec2.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00257560 _____ (Logitech Inc.) C:\Windows\system32\lvco1150.dll 2016-06-19 09:32 - 2016-06-19 09:32 - 00059500 _____ C:\Windows\system32\lvcoin64.ini 2016-06-19 09:32 - 2016-06-19 09:32 - 00050072 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LVUSBS64.sys 2016-06-19 09:32 - 2016-06-19 09:32 - 00021138 _____ C:\Windows\system32\Repository.reg 2016-06-19 09:32 - 2016-06-19 09:32 - 00000000 ____D C:\Program Files\Common Files\logishrd 2016-06-18 20:09 - 2016-06-18 20:09 - 00016148 _____ C:\Windows\system32\DESKTOP-3REOR0Q_ulfw_HistoryPrediction.bin 2016-06-18 19:13 - 2016-06-18 19:13 - 00003662 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch 2016-06-18 19:13 - 2016-06-18 19:13 - 00001127 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kamera - Verknüpfung.lnk 2016-06-18 19:13 - 2016-06-18 19:13 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Adobe 2016-06-18 18:56 - 2016-06-19 14:49 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2016-06-18 18:56 - 2016-06-18 18:56 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 14.lnk 2016-06-18 18:54 - 2016-06-19 10:27 - 00000000 ____D C:\Program Files\Common Files\Adobe 2016-06-18 18:54 - 2016-06-19 10:26 - 00000000 ____D C:\Program Files\Adobe 2016-06-18 18:54 - 2013-09-03 12:01 - 00056336 ____N (Corel Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys 2016-06-18 18:54 - 2012-04-24 12:01 - 00011376 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdralw2k.sys 2016-06-18 18:54 - 2012-04-24 12:01 - 00010864 ____N (Corel Corporation) C:\Windows\system32\Drivers\cdr4_xp.sys 2016-06-18 18:50 - 2016-06-18 18:50 - 00000000 ____D C:\Users\ulfw\ReadMe 2016-06-18 18:48 - 2016-06-18 18:50 - 00000000 ____D C:\Users\ulfw\PSE 14 2016-06-18 16:12 - 2016-06-19 14:43 - 00000000 ____D C:\ProgramData\Adobe 2016-06-18 16:11 - 2016-06-27 08:51 - 00000000 ____D C:\Users\ulfw\AppData\Local\Adobe 2016-06-18 14:27 - 2016-06-18 14:27 - 00000000 ____D C:\Users\ulfw\AppData\Local\ElevatedDiagnostics 2016-06-18 12:53 - 2016-06-18 12:53 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2016-06-18 12:52 - 2016-05-28 07:02 - 06488312 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll 2016-06-18 12:52 - 2016-05-28 07:02 - 04532304 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-06-18 12:52 - 2016-05-28 07:02 - 01314496 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-06-18 12:52 - 2016-05-28 07:02 - 00601344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-06-18 12:52 - 2016-05-28 07:02 - 00432360 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2016-06-18 12:52 - 2016-05-28 07:02 - 00421536 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll 2016-06-18 12:52 - 2016-05-28 07:02 - 00158048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-06-18 12:52 - 2016-05-28 07:02 - 00113144 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2016-06-18 12:52 - 2016-05-28 07:00 - 02543784 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2016-06-18 12:52 - 2016-05-28 07:00 - 01591304 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-06-18 12:52 - 2016-05-28 07:00 - 00327520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2016-06-18 12:52 - 2016-05-28 07:00 - 00203496 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2016-06-18 12:52 - 2016-05-28 06:59 - 00363872 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2016-06-18 12:52 - 2016-05-28 06:59 - 00131208 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll 2016-06-18 12:52 - 2016-05-28 06:54 - 00658784 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll 2016-06-18 12:52 - 2016-05-28 06:53 - 03625416 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-06-18 12:52 - 2016-05-28 06:53 - 00026464 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe 2016-06-18 12:52 - 2016-05-28 06:52 - 22326760 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-06-18 12:52 - 2016-05-28 06:47 - 00613120 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe 2016-06-18 12:52 - 2016-05-28 06:47 - 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2016-06-18 12:52 - 2016-05-28 06:39 - 04047288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-06-18 12:52 - 2016-05-28 06:39 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-06-18 12:52 - 2016-05-28 06:39 - 00952968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-06-18 12:52 - 2016-05-28 06:39 - 00365128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2016-06-18 12:52 - 2016-05-28 06:38 - 05118024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll 2016-06-18 12:52 - 2016-05-28 06:38 - 00372368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll 2016-06-18 12:52 - 2016-05-28 06:38 - 00306528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2016-06-18 12:52 - 2016-05-28 06:38 - 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2016-06-18 12:52 - 2016-05-28 06:35 - 02188472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2016-06-18 12:52 - 2016-05-28 06:35 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2016-06-18 12:52 - 2016-05-28 06:35 - 00112632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll 2016-06-18 12:52 - 2016-05-28 06:28 - 00467296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll 2016-06-18 12:52 - 2016-05-28 06:27 - 20861984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-06-18 12:52 - 2016-05-28 06:27 - 02880560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-06-18 12:52 - 2016-05-28 06:21 - 00545400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe 2016-06-18 12:52 - 2016-05-28 06:21 - 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2016-06-18 12:52 - 2016-05-28 06:11 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll 2016-06-18 12:52 - 2016-05-28 06:10 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-06-18 12:52 - 2016-05-28 06:10 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll 2016-06-18 12:52 - 2016-05-28 06:09 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll 2016-06-18 12:52 - 2016-05-28 06:08 - 21860352 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll 2016-06-18 12:52 - 2016-05-28 06:07 - 24597504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-06-18 12:52 - 2016-05-28 06:00 - 01336832 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2016-06-18 12:52 - 2016-05-28 05:58 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2016-06-18 12:52 - 2016-05-28 05:58 - 00672256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-06-18 12:52 - 2016-05-28 05:58 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-06-18 12:52 - 2016-05-28 05:58 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2016-06-18 12:52 - 2016-05-28 05:57 - 06788096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll 2016-06-18 12:52 - 2016-05-28 05:57 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2016-06-18 12:52 - 2016-05-28 05:56 - 12511232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-06-18 12:52 - 2016-05-28 05:54 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll 2016-06-18 12:52 - 2016-05-28 05:54 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL 2016-06-18 12:52 - 2016-05-28 05:54 - 00282112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll 2016-06-18 12:52 - 2016-05-28 05:53 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll 2016-06-18 12:52 - 2016-05-28 05:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll 2016-06-18 12:52 - 2016-05-28 05:52 - 02663424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll 2016-06-18 12:52 - 2016-05-28 05:51 - 02848256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-06-18 12:52 - 2016-05-28 05:51 - 02119680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-06-18 12:52 - 2016-05-28 05:51 - 01603584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-06-18 12:52 - 2016-05-28 05:50 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-06-18 12:52 - 2016-05-28 05:50 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll 2016-06-18 12:52 - 2016-05-28 05:50 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-06-18 12:52 - 2016-05-28 05:49 - 19330560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-06-18 12:52 - 2016-05-28 05:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-06-18 12:52 - 2016-05-28 05:45 - 07523840 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll 2016-06-18 12:52 - 2016-05-28 05:45 - 03584000 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys 2016-06-18 12:52 - 2016-05-28 05:44 - 04793344 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-06-18 12:52 - 2016-05-28 05:44 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys 2016-06-18 12:52 - 2016-05-28 05:44 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2016-06-18 12:52 - 2016-05-28 05:44 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2016-06-18 12:52 - 2016-05-28 05:43 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-06-18 12:52 - 2016-05-28 05:41 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll 2016-06-18 12:52 - 2016-05-28 05:41 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2016-06-18 12:52 - 2016-05-28 05:40 - 18797568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll 2016-06-18 12:52 - 2016-05-28 05:40 - 00672768 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll 2016-06-18 12:52 - 2016-05-28 05:39 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll 2016-06-18 12:52 - 2016-05-28 05:39 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll 2016-06-18 12:52 - 2016-05-28 05:38 - 01821696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll 2016-06-18 12:52 - 2016-05-28 05:38 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll 2016-06-18 12:52 - 2016-05-28 05:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll 2016-06-18 12:52 - 2016-05-28 05:37 - 02315776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-06-18 12:52 - 2016-05-28 05:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-06-18 12:52 - 2016-05-28 05:35 - 02042368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-06-18 12:52 - 2016-05-28 05:35 - 00679936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-06-18 12:52 - 2016-05-28 05:35 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll 2016-06-18 12:52 - 2016-05-28 05:35 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-06-18 12:52 - 2016-05-28 05:35 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll 2016-06-18 12:52 - 2016-05-28 05:32 - 03580928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-06-18 12:52 - 2016-05-28 05:31 - 11268096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-06-18 12:52 - 2016-05-28 05:30 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll 2016-06-18 12:52 - 2016-05-28 05:29 - 00502272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2016-06-18 12:52 - 2016-05-28 05:29 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2016-06-18 12:52 - 2016-05-28 05:25 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll 2016-06-15 21:59 - 2016-06-15 21:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-06-09 21:33 - 2016-06-09 21:41 - 00000000 ____D C:\Users\ulfw\AppData\Local\Thunderbird 2016-06-09 21:33 - 2016-06-09 21:33 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Thunderbird 2016-06-09 21:33 - 2016-06-09 21:33 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Mozilla 2016-06-09 21:32 - 2016-06-09 21:32 - 00001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2016-06-09 21:32 - 2016-06-09 21:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-06-09 21:32 - 2016-06-09 21:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-06-09 17:47 - 2016-06-09 17:47 - 00000751 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netz-Freiga.lnk 2016-06-09 17:24 - 2016-06-09 17:24 - 00000000 ____H C:\Users\ulfw\Documents\Default.rdp 2016-06-09 11:51 - 2016-06-09 11:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\TeamViewer 2016-06-09 11:50 - 2016-06-09 11:51 - 02734008 _____ (TeamViewer GmbH) C:\Users\ulfw\Desktop\gunnarsupporttool.exe 2016-06-07 14:43 - 2016-06-07 14:48 - 00000118 _____ C:\Users\ulfw\Documents\W-10.txt 2016-06-07 11:57 - 2016-06-07 11:57 - 00000000 ____D C:\Web 2016-06-07 11:18 - 2016-06-07 11:18 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf 2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Lenovo 2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\.QtWebEngineProcess 2016-06-07 11:17 - 2016-06-07 11:17 - 00000000 ____D C:\Users\ulfw\.LSC 2016-06-06 16:38 - 2016-06-06 16:38 - 00000000 ____D C:\Download 2016-06-06 16:01 - 2016-06-06 16:01 - 00001205 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tresore.lnk 2016-06-06 15:58 - 2016-06-06 15:58 - 00001411 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schlösser.lnk 2016-06-06 15:50 - 2016-02-12 17:20 - 00459536 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmd.sys 2016-06-06 15:50 - 2016-02-12 17:20 - 00026896 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmdldr.sys 2016-06-06 15:49 - 2016-06-06 15:49 - 00000000 ____D C:\Program Files\DisplayLink Core Software 2016-06-06 15:47 - 2016-06-06 15:47 - 01447960 _____ (DisplayLink Corp.) C:\Windows\system32\DisplayLinkUsbCo64_7.9.1488.0.dll 2016-06-06 15:47 - 2016-06-06 15:47 - 00067344 _____ () C:\Windows\system32\Drivers\DisplayLinkUsbIo_x64_7.9.1488.0.sys 2016-06-05 19:27 - 2016-06-09 08:43 - 00001160 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videos-fertig.lnk 2016-06-05 12:05 - 2016-06-26 08:02 - 00001230 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TresoreAnder.lnk 2016-06-05 12:05 - 2016-06-05 12:05 - 00001207 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Archiv.lnk 2016-06-05 11:36 - 2016-06-05 11:36 - 00001177 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schlos-Bilder.lnk 2016-06-05 11:29 - 2016-06-05 11:29 - 00001187 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tresor-Bilder.lnk 2016-06-05 08:59 - 2016-06-05 08:59 - 00000028 _____ C:\Windows\OutLog.txt 2016-06-04 20:18 - 2016-06-05 09:33 - 00000000 ____D C:\Users\ulfw\Tracing 2016-06-04 20:17 - 2016-06-04 20:17 - 00002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-06-04 20:15 - 2016-06-04 20:15 - 00000000 ____D C:\Windows\de 2016-06-04 20:14 - 2016-06-09 10:03 - 00000000 ____D C:\Users\ulfw\AppData\Local\Windows Live 2016-06-04 20:14 - 2016-06-04 20:17 - 00000000 ____D C:\Program Files (x86)\Windows Live 2016-06-04 20:14 - 2016-06-04 20:14 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-06-04 20:14 - 2016-06-04 20:14 - 00001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-06-04 20:14 - 2016-06-04 20:14 - 00001365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Windows\PCHEALTH 2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Program Files\Windows Live 2016-06-04 20:14 - 2016-06-04 20:14 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2016-06-04 20:14 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll 2016-06-04 20:14 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2016-06-04 20:14 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2016-06-04 20:14 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll 2016-06-04 20:14 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2016-06-04 20:14 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll 2016-06-04 20:14 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2016-06-04 20:14 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2016-06-04 20:14 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll 2016-06-04 20:14 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll 2016-06-04 20:14 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll 2016-06-04 20:14 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll 2016-06-04 16:00 - 2016-06-04 16:00 - 00001344 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Explorer.lnk 2016-06-04 14:42 - 2016-06-26 20:20 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nitro PDF 2016-06-04 14:28 - 2016-06-04 14:28 - 00000000 ___HD C:\Lenovo 2016-06-04 11:41 - 2016-06-04 11:43 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Audacity 2016-06-04 11:41 - 2016-06-04 11:41 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2016-06-04 11:41 - 2016-06-04 11:41 - 00000000 ____D C:\Users\ulfw\AppData\Local\Audacity 2016-06-04 11:41 - 2016-06-04 11:41 - 00000000 ____D C:\Program Files (x86)\Audacity 2016-06-03 20:27 - 2016-06-03 20:27 - 00002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk 2016-06-03 20:27 - 2016-06-03 20:27 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Google 2016-06-03 20:22 - 2016-06-19 10:43 - 00002515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Reader 3.lnk 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nitro 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\FileOpen 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\ProgramData\Nitro 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\ProgramData\FileOpen 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Program Files\Common Files\Nitro 2016-06-03 20:22 - 2016-06-03 20:22 - 00000000 ____D C:\Program Files (x86)\Nitro 2016-06-03 20:22 - 2013-07-26 06:57 - 00029712 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon2.dll 2016-06-03 20:22 - 2013-07-26 06:57 - 00017936 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui2.dll 2016-06-03 20:21 - 2016-06-03 20:21 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Downloaded Installations 2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2 2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\OpenOffice 2016-06-03 20:06 - 2016-06-03 20:06 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4 2016-06-03 18:37 - 2016-06-05 09:04 - 00001989 ____H C:\Windows\EPMBatch.ept 2016-06-03 18:26 - 2016-06-03 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 11.0 2016-06-03 18:26 - 2016-04-26 01:29 - 03563712 _____ C:\Windows\system32\BootMan.exe 2016-06-03 18:26 - 2016-04-26 01:29 - 02662592 _____ C:\Windows\SysWOW64\BootMan.exe 2016-06-03 18:26 - 2016-01-20 12:07 - 00101984 _____ C:\Windows\system32\setupempdrvx64.exe 2016-06-03 18:26 - 2016-01-20 12:07 - 00088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe 2016-06-03 18:26 - 2016-01-20 12:07 - 00018016 _____ C:\Windows\system32\epmntdrv.sys 2016-06-03 18:26 - 2016-01-20 12:07 - 00014944 _____ C:\Windows\SysWOW64\epmntdrv.sys 2016-06-03 18:26 - 2016-01-20 12:07 - 00010848 _____ C:\Windows\system32\EuGdiDrv.sys 2016-06-03 18:26 - 2016-01-20 12:07 - 00010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys 2016-06-03 18:26 - 2014-11-18 14:46 - 00021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll 2016-06-03 18:26 - 2014-11-18 14:46 - 00017504 _____ C:\Windows\system32\EuEpmGdi.dll 2016-06-03 17:28 - 2016-06-03 17:28 - 00000000 ____D C:\ProgramData\Nikon 2016-06-03 16:43 - 2016-06-03 16:43 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Nikon 2016-06-03 15:06 - 2016-06-06 16:25 - 00000000 ____D C:\Program Files\Nikon 2016-06-03 15:06 - 2016-06-03 16:43 - 00000000 ____D C:\Users\ulfw\AppData\Local\Nikon 2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\Users\ulfw\AppData\Local\Downloaded Installations 2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583 2016-06-03 15:06 - 2016-06-03 15:07 - 00000000 ____D C:\Program Files (x86)\Nikon 2016-06-03 15:06 - 2016-06-03 15:06 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL 2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\Users\ulfw\AppData\Roaming\Standard 2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\Users\ulfw\AppData\Roaming\Speech Enhancer 2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\ProgramData\StatusSheet 2016-06-03 15:06 - 2016-06-03 15:06 - 00000268 ___RH C:\ProgramData\StartupItems 2016-06-03 15:06 - 2016-06-03 15:06 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT 2016-06-03 15:06 - 2016-06-03 15:06 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Vocal Transformer 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Ultima_T15 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX-i 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\grep 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\ProgramData\EnterNHelp 2016-06-03 15:06 - 2016-06-03 15:06 - 00000000 ____D C:\Program Files\Common Files\Nikon 2016-06-03 15:05 - 2016-06-03 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon 2016-06-02 21:44 - 2016-06-02 21:44 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\epm 2016-06-02 20:58 - 2015-12-10 06:10 - 00192552 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\EuFdDisk.sys 2016-06-02 20:58 - 2015-12-10 06:10 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eubakup.sys 2016-06-02 20:58 - 2015-12-10 06:10 - 00048168 _____ C:\Windows\system32\Drivers\EUBKMON.sys 2016-06-02 20:58 - 2015-12-10 06:10 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\system32\Drivers\eudskacs.sys 2016-06-02 20:55 - 2016-06-03 18:27 - 00000000 ____D C:\Program Files (x86)\EaseUS 2016-06-02 19:30 - 2016-06-26 09:09 - 00000000 ___HD C:\$AVG 2016-06-02 19:30 - 2016-06-02 19:30 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\TuneUp Software 2016-06-02 19:30 - 2016-06-02 19:30 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\AVG 2016-06-02 19:28 - 2016-06-26 09:10 - 00000000 ____D C:\ProgramData\MFAData 2016-06-02 19:28 - 2016-06-02 19:28 - 00000000 ____D C:\Users\ulfw\AppData\Local\MFAData 2016-06-02 19:27 - 2016-06-26 09:12 - 00000000 ____D C:\Program Files (x86)\AVG 2016-06-02 18:50 - 2016-06-26 09:12 - 00000000 ____D C:\Users\ulfw\AppData\Local\AvgSetupLog 2016-06-02 18:50 - 2016-06-26 09:12 - 00000000 ____D C:\ProgramData\Avg 2016-06-02 18:50 - 2016-06-26 09:10 - 00000000 ____D C:\Users\ulfw\AppData\Local\Avg 2016-06-02 17:56 - 2016-06-06 13:39 - 00000000 ___RD C:\UlfAntik 2016-06-02 16:39 - 2016-06-02 16:39 - 00000000 ____D C:\Windows\system32\SleepStudy 2016-06-02 16:22 - 2016-06-25 21:57 - 00000000 ____D C:\ProgramData\Skype 2016-06-02 16:22 - 2016-06-25 21:40 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Skype 2016-06-02 16:12 - 2016-06-02 16:12 - 00000000 ____D C:\Users\ulfw\Downloads\SHAREit 2016-06-02 16:12 - 2016-06-02 16:12 - 00000000 ____D C:\Users\ulfw\AppData\Local\SHAREit 2016-06-02 16:04 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-06-02 15:58 - 2016-06-18 12:55 - 00000000 ____D C:\Windows\system32\MRT 2016-06-02 15:58 - 2016-06-18 12:53 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-06-02 15:58 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-06-02 15:58 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-06-02 15:58 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-06-02 15:58 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-06-02 15:58 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-06-02 15:58 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-06-02 15:58 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-06-02 15:58 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2016-06-02 15:58 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-06-02 15:58 - 2016-03-16 06:45 - 00140536 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe 2016-06-02 15:58 - 2016-03-16 06:37 - 01010016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2016-06-02 15:58 - 2016-03-16 05:47 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2016-06-02 15:58 - 2016-03-16 05:45 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthLEEnum.sys 2016-06-02 15:58 - 2016-03-16 05:42 - 01290240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll 2016-06-02 15:58 - 2016-03-16 05:38 - 01423872 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll 2016-06-02 15:58 - 2016-03-16 05:37 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll 2016-06-02 15:58 - 2016-03-16 05:36 - 01205248 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll 2016-06-02 15:58 - 2016-03-16 05:36 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll 2016-06-02 15:58 - 2016-03-16 05:36 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll 2016-06-02 15:58 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll 2016-06-02 15:58 - 2016-03-16 05:36 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll 2016-06-02 15:58 - 2016-03-16 05:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-06-02 15:58 - 2016-03-16 05:13 - 00928256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll 2016-06-02 15:58 - 2016-02-23 16:51 - 00633184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2016-06-02 15:58 - 2016-02-23 16:43 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2016-06-02 15:58 - 2016-02-23 16:41 - 00299600 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL 2016-06-02 15:58 - 2016-02-23 15:11 - 00249976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMASF.DLL 2016-06-02 15:58 - 2016-02-23 14:20 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys 2016-06-02 15:58 - 2016-01-31 07:25 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2016-06-02 15:58 - 2016-01-31 07:23 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-06-02 15:58 - 2016-01-31 07:22 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2016-06-02 15:58 - 2016-01-31 07:11 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2016-06-02 15:58 - 2016-01-05 03:57 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2016-06-02 15:58 - 2015-11-25 07:40 - 00516448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2016-06-02 15:58 - 2015-11-25 06:30 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2016-06-02 15:58 - 2015-11-25 06:30 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2016-06-02 15:58 - 2015-11-25 06:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll 2016-06-02 15:58 - 2015-11-25 06:07 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll 2016-06-02 15:58 - 2015-11-05 07:15 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2016-06-02 15:58 - 2015-11-05 07:14 - 00459104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-06-02 15:58 - 2015-11-05 07:13 - 00577888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2016-06-02 15:58 - 2015-11-05 06:56 - 00116064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2016-06-02 15:58 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys 2016-06-02 15:58 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-06-02 15:58 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2016-06-02 15:58 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2016-06-02 15:58 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2016-06-02 15:58 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll 2016-06-02 15:58 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-06-02 15:58 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-06-02 15:57 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-06-02 15:57 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2016-06-02 15:57 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-06-02 15:57 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-06-02 15:57 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2016-06-02 15:57 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-06-02 15:57 - 2016-03-16 06:56 - 03467784 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll 2016-06-02 15:57 - 2016-03-16 06:55 - 01951872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-06-02 15:57 - 2016-03-16 06:21 - 01531888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-06-02 15:57 - 2016-03-16 05:40 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll 2016-06-02 15:57 - 2016-03-16 05:39 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll 2016-06-02 15:57 - 2016-03-16 05:37 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll 2016-06-02 15:57 - 2016-03-16 05:36 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll 2016-06-02 15:57 - 2016-03-16 05:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll 2016-06-02 15:57 - 2016-03-16 05:32 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-06-02 15:57 - 2016-03-16 05:16 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll 2016-06-02 15:57 - 2016-03-16 05:13 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll 2016-06-02 15:57 - 2016-02-23 16:11 - 00781984 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2016-06-02 15:57 - 2016-02-23 14:42 - 00658536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll 2016-06-02 15:57 - 2016-02-23 13:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2016-06-02 15:57 - 2016-02-23 13:14 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2016-06-02 15:57 - 2016-02-23 12:55 - 14241792 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2016-06-02 15:57 - 2016-02-23 12:45 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll 2016-06-02 15:57 - 2016-02-23 12:11 - 12589056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2016-06-02 15:57 - 2016-01-31 08:25 - 01248896 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll 2016-06-02 15:57 - 2016-01-31 08:06 - 00809336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll 2016-06-02 15:57 - 2016-01-31 07:29 - 11557888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-06-02 15:57 - 2016-01-31 07:26 - 03793408 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-06-02 15:57 - 2016-01-31 07:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2016-06-02 15:57 - 2016-01-31 07:04 - 00100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2016-06-02 15:57 - 2016-01-05 05:07 - 02463704 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2016-06-02 15:57 - 2016-01-05 05:07 - 00377592 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-06-02 15:57 - 2016-01-05 05:06 - 01063504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll 2016-06-02 15:57 - 2016-01-05 05:06 - 00119800 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-06-02 15:57 - 2016-01-05 05:04 - 02824248 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2016-06-02 15:57 - 2016-01-05 05:04 - 02641928 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-06-02 15:57 - 2016-01-05 05:04 - 00787720 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-06-02 15:57 - 2016-01-05 05:04 - 00784136 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll 2016-06-02 15:57 - 2016-01-05 05:04 - 00779928 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-06-02 15:57 - 2016-01-05 05:04 - 00233992 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2016-06-02 15:57 - 2016-01-05 05:04 - 00090912 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-06-02 15:57 - 2016-01-05 05:04 - 00083704 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-06-02 15:57 - 2016-01-05 04:50 - 00345080 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-06-02 15:57 - 2016-01-05 04:50 - 00205072 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-06-02 15:57 - 2016-01-05 04:30 - 02459096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2016-06-02 15:57 - 2016-01-05 04:30 - 02152744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2016-06-02 15:57 - 2016-01-05 04:30 - 00882208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll 2016-06-02 15:57 - 2016-01-05 04:30 - 00368776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL 2016-06-02 15:57 - 2016-01-05 04:30 - 00100712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL 2016-06-02 15:57 - 2016-01-05 04:29 - 00208688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2016-06-02 15:57 - 2016-01-05 04:28 - 02445128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2016-06-02 15:57 - 2016-01-05 04:28 - 00695752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL 2016-06-02 15:57 - 2016-01-05 04:28 - 00645144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll 2016-06-02 15:57 - 2016-01-05 04:28 - 00635312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2016-06-02 15:57 - 2016-01-05 04:28 - 00082096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll 2016-06-02 15:57 - 2016-01-05 04:15 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\usermgrcli.dll 2016-06-02 15:57 - 2016-01-05 04:10 - 00305776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL 2016-06-02 15:57 - 2016-01-05 04:10 - 00188032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL 2016-06-02 15:57 - 2016-01-05 04:02 - 01672192 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-06-02 15:57 - 2016-01-05 04:02 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-06-02 15:57 - 2016-01-05 04:02 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-06-02 15:57 - 2016-01-05 04:01 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-06-02 15:57 - 2016-01-05 03:57 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll 2016-06-02 15:57 - 2016-01-05 03:32 - 01541632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2016-06-02 15:57 - 2016-01-05 03:32 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2016-06-02 15:57 - 2016-01-05 03:31 - 00563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2016-06-02 15:57 - 2016-01-05 03:31 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax 2016-06-02 15:57 - 2015-11-25 06:49 - 01569280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll 2016-06-02 15:57 - 2015-11-25 06:28 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2016-06-02 15:57 - 2015-11-25 06:18 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll 2016-06-02 15:57 - 2015-11-25 06:10 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2016-06-02 15:57 - 2015-11-05 07:11 - 01392480 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll 2016-06-02 15:57 - 2015-11-05 07:06 - 00966416 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2016-06-02 15:57 - 2015-11-05 06:30 - 00961376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll 2016-06-02 15:57 - 2015-11-05 06:18 - 03248128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2016-06-02 15:57 - 2015-11-05 06:17 - 02418688 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2016-06-02 15:57 - 2015-11-05 06:10 - 02987520 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2016-06-02 15:57 - 2015-11-05 06:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2016-06-02 15:57 - 2015-11-05 05:42 - 02647040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2016-06-02 15:57 - 2015-11-05 05:40 - 01918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2016-06-02 15:57 - 2015-11-05 05:35 - 02639872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2016-06-02 15:57 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2016-06-02 15:57 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2016-06-02 15:57 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2016-06-02 15:57 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll 2016-06-02 15:57 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll 2016-06-02 15:57 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2016-06-02 15:57 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-06-02 15:57 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll 2016-06-02 15:57 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-06-02 15:57 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remoteaudioendpoint.dll 2016-06-02 15:57 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll 2016-06-02 15:57 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\CellularAPI.dll 2016-06-02 15:57 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\KeywordDetectorMsftSidAdapter.dll 2016-06-02 15:57 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx02000.dll 2016-06-02 15:57 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll 2016-06-02 15:57 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll 2016-06-02 15:57 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll 2016-06-02 15:57 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-06-02 15:57 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-06-02 15:56 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-06-02 15:56 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-06-02 15:56 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-06-02 15:56 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-06-02 15:56 - 2016-03-16 06:56 - 01022664 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-06-02 15:56 - 2016-03-16 06:56 - 00861512 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ C:\Windows\system32\CoreUIComponents.dll 2016-06-02 15:56 - 2016-03-16 06:55 - 01299032 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-06-02 15:56 - 2016-03-16 06:55 - 01127024 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-06-02 15:56 - 2016-03-16 06:39 - 00983904 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi 2016-06-02 15:56 - 2016-03-16 06:21 - 01767000 _____ C:\Windows\SysWOW64\CoreUIComponents.dll 2016-06-02 15:56 - 2016-03-16 05:49 - 00850432 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-06-02 15:56 - 2016-03-16 05:44 - 01016832 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll 2016-06-02 15:56 - 2016-03-16 05:42 - 02180608 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-06-02 15:56 - 2016-03-16 05:40 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-06-02 15:56 - 2016-03-16 05:39 - 03363328 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2016-06-02 15:56 - 2016-03-16 05:35 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-06-02 15:56 - 2016-03-16 05:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\AppxApplicabilityEngine.dll 2016-06-02 15:56 - 2016-03-16 05:34 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-06-02 15:56 - 2016-03-16 05:18 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthBroker.dll 2016-06-02 15:56 - 2016-03-16 05:17 - 03680256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2016-06-02 15:56 - 2016-03-16 05:17 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-06-02 15:56 - 2016-03-16 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll 2016-06-02 15:56 - 2016-03-16 05:11 - 01594368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-06-02 15:56 - 2016-02-23 16:41 - 01150816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-06-02 15:56 - 2016-02-23 15:25 - 01085632 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-06-02 15:56 - 2016-02-23 13:59 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll 2016-06-02 15:56 - 2016-02-23 13:45 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys 2016-06-02 15:56 - 2016-02-23 13:04 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe 2016-06-02 15:56 - 2016-02-23 13:03 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll 2016-06-02 15:56 - 2016-02-23 12:51 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll 2016-06-02 15:56 - 2016-02-23 12:51 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll 2016-06-02 15:56 - 2016-02-23 12:46 - 00400384 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2016-06-02 15:56 - 2016-02-23 12:45 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe 2016-06-02 15:56 - 2016-02-23 12:17 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll 2016-06-02 15:56 - 2016-02-23 12:03 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe 2016-06-02 15:56 - 2016-01-31 08:23 - 02601160 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll 2016-06-02 15:56 - 2016-01-31 08:23 - 01420392 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2016-06-02 15:56 - 2016-01-31 08:04 - 01811360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll 2016-06-02 15:56 - 2016-01-31 08:04 - 01180696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2016-06-02 15:56 - 2016-01-31 07:33 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\IoTAssignedAccessLockFramework.dll 2016-06-02 15:56 - 2016-01-31 07:16 - 09889280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-06-02 15:56 - 2016-01-05 05:06 - 01991120 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-06-02 15:56 - 2016-01-05 05:06 - 01270104 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll 2016-06-02 15:56 - 2016-01-05 05:04 - 00862056 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll 2016-06-02 15:56 - 2016-01-05 05:04 - 00751992 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-06-02 15:56 - 2016-01-05 05:04 - 00667856 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-06-02 15:56 - 2016-01-05 05:04 - 00115704 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-06-02 15:56 - 2016-01-05 04:50 - 00723648 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-06-02 15:56 - 2016-01-05 04:30 - 02162064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL 2016-06-02 15:56 - 2016-01-05 04:30 - 01106872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll 2016-06-02 15:56 - 2016-01-05 04:28 - 00714808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll 2016-06-02 15:56 - 2016-01-05 04:28 - 00696192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL 2016-06-02 15:56 - 2016-01-05 04:28 - 00497896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-06-02 15:56 - 2016-01-05 04:28 - 00107952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL 2016-06-02 15:56 - 2016-01-05 04:28 - 00072808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll 2016-06-02 15:56 - 2016-01-05 04:15 - 00931328 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-06-02 15:56 - 2016-01-05 04:09 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-06-02 15:56 - 2016-01-05 03:51 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-06-02 15:56 - 2016-01-05 03:51 - 01009664 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-06-02 15:56 - 2016-01-05 03:51 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-06-02 15:56 - 2016-01-05 03:51 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-06-02 15:56 - 2016-01-05 03:51 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-06-02 15:56 - 2016-01-05 03:42 - 00871936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL 2016-06-02 15:56 - 2016-01-05 03:20 - 00890880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL 2016-06-02 15:56 - 2016-01-05 03:19 - 01070080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL 2016-06-02 15:56 - 2016-01-05 03:19 - 00747008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL 2016-06-02 15:56 - 2016-01-05 03:19 - 00409088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL 2016-06-02 15:56 - 2016-01-05 03:19 - 00404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL 2016-06-02 15:56 - 2015-11-25 07:27 - 01366680 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-06-02 15:56 - 2015-11-25 07:09 - 01310880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-06-02 15:56 - 2015-11-25 06:37 - 02350592 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2016-06-02 15:56 - 2015-11-25 06:36 - 01710592 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll 2016-06-02 15:56 - 2015-11-25 06:35 - 00929792 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2016-06-02 15:56 - 2015-11-25 06:35 - 00845824 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe 2016-06-02 15:56 - 2015-11-25 06:29 - 01649152 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2016-06-02 15:56 - 2015-11-25 06:29 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\ninput.dll 2016-06-02 15:56 - 2015-11-25 06:23 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-06-02 15:56 - 2015-11-25 06:22 - 01717248 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2016-06-02 15:56 - 2015-11-25 06:22 - 00603648 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll 2016-06-02 15:56 - 2015-11-25 06:17 - 00774656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2016-06-02 15:56 - 2015-11-25 06:16 - 01442816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll 2016-06-02 15:56 - 2015-11-25 06:16 - 00786432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe 2016-06-02 15:56 - 2015-11-25 06:13 - 02153984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2016-06-02 15:56 - 2015-11-25 06:10 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2016-06-02 15:56 - 2015-11-25 06:04 - 01467392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2016-06-02 15:56 - 2015-11-05 06:23 - 00762888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2016-06-02 15:56 - 2015-11-05 06:12 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll 2016-06-02 15:56 - 2015-11-05 05:59 - 02675200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll 2016-06-02 15:56 - 2015-11-05 05:27 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll 2016-06-02 15:56 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2016-06-02 15:56 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2016-06-02 15:56 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\Windows\system32\hevcdecoder.dll 2016-06-02 15:56 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys 2016-06-02 15:56 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2016-06-02 15:56 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll 2016-06-02 15:56 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hevcdecoder.dll 2016-06-02 15:56 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll 2016-06-02 15:56 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll 2016-06-02 15:56 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll 2016-06-02 15:56 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll 2016-06-02 15:56 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2016-06-02 15:56 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2016-06-02 15:56 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll 2016-06-02 15:56 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-06-02 15:56 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll 2016-06-02 15:56 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll 2016-06-02 15:56 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll 2016-06-02 15:56 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.PicturePassword.dll 2016-06-02 15:55 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-06-02 15:55 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2016-06-02 15:55 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll 2016-06-02 15:55 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll 2016-06-02 15:55 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-06-02 15:55 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-06-02 15:55 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2016-06-02 15:55 - 2016-03-16 06:54 - 00595016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll 2016-06-02 15:55 - 2016-03-16 06:47 - 00801632 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe 2016-06-02 15:55 - 2016-03-16 06:46 - 00658568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll 2016-06-02 15:55 - 2016-03-16 06:11 - 00700256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe 2016-06-02 15:55 - 2016-03-16 05:56 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll 2016-06-02 15:55 - 2016-03-16 05:55 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll 2016-06-02 15:55 - 2016-03-16 05:55 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll 2016-06-02 15:55 - 2016-03-16 05:51 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2016-06-02 15:55 - 2016-03-16 05:49 - 01416192 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-06-02 15:55 - 2016-03-16 05:43 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-06-02 15:55 - 2016-03-16 05:42 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll 2016-06-02 15:55 - 2016-03-16 05:40 - 00931840 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2016-06-02 15:55 - 2016-03-16 05:40 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2016-06-02 15:55 - 2016-03-16 05:40 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll 2016-06-02 15:55 - 2016-03-16 05:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll 2016-06-02 15:55 - 2016-03-16 05:37 - 01521664 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll 2016-06-02 15:55 - 2016-03-16 05:37 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll 2016-06-02 15:55 - 2016-03-16 05:37 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll 2016-06-02 15:55 - 2016-03-16 05:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll 2016-06-02 15:55 - 2016-03-16 05:36 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll 2016-06-02 15:55 - 2016-03-16 05:36 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll 2016-06-02 15:55 - 2016-03-16 05:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll 2016-06-02 15:55 - 2016-03-16 05:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll 2016-06-02 15:55 - 2016-03-16 05:36 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll 2016-06-02 15:55 - 2016-03-16 05:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll 2016-06-02 15:55 - 2016-03-16 05:35 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll 2016-06-02 15:55 - 2016-03-16 05:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll 2016-06-02 15:55 - 2016-03-16 05:31 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll 2016-06-02 15:55 - 2016-03-16 05:31 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll 2016-06-02 15:55 - 2016-03-16 05:20 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-06-02 15:55 - 2016-03-16 05:17 - 00842240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2016-06-02 15:55 - 2016-03-16 05:17 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll 2016-06-02 15:55 - 2016-03-16 05:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2016-06-02 15:55 - 2016-03-16 05:14 - 00625152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll 2016-06-02 15:55 - 2016-03-16 05:14 - 00579584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll 2016-06-02 15:55 - 2016-03-16 05:14 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll 2016-06-02 15:55 - 2016-03-16 05:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll 2016-06-02 15:55 - 2016-02-23 16:50 - 00630160 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2016-06-02 15:55 - 2016-02-23 16:41 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll 2016-06-02 15:55 - 2016-02-23 16:40 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll 2016-06-02 15:55 - 2016-02-23 16:38 - 00272752 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2016-06-02 15:55 - 2016-02-23 16:36 - 00080128 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2016-06-02 15:55 - 2016-02-23 15:30 - 01643872 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2016-06-02 15:55 - 2016-02-23 15:21 - 00529456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2016-06-02 15:55 - 2016-02-23 15:11 - 00073360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll 2016-06-02 15:55 - 2016-02-23 15:11 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll 2016-06-02 15:55 - 2016-02-23 15:09 - 00229352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll 2016-06-02 15:55 - 2016-02-23 15:06 - 00069232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll 2016-06-02 15:55 - 2016-02-23 13:59 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-06-02 15:55 - 2016-02-23 13:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll 2016-06-02 15:55 - 2016-02-23 13:17 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2016-06-02 15:55 - 2016-02-23 13:17 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2016-06-02 15:55 - 2016-02-23 12:29 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll 2016-06-02 15:55 - 2016-01-31 07:34 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll 2016-06-02 15:55 - 2016-01-31 07:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll 2016-06-02 15:55 - 2016-01-31 07:24 - 00784384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2016-06-02 15:55 - 2016-01-31 07:19 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll 2016-06-02 15:55 - 2016-01-31 07:19 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IoTAssignedAccessLockFramework.dll 2016-06-02 15:55 - 2016-01-31 07:13 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll 2016-06-02 15:55 - 2016-01-31 07:11 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2016-06-02 15:55 - 2016-01-05 05:04 - 00772448 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-06-02 15:55 - 2016-01-05 05:04 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-06-02 15:55 - 2016-01-05 05:04 - 00249464 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-06-02 15:55 - 2016-01-05 05:04 - 00243248 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2016-06-02 15:55 - 2016-01-05 04:52 - 00441696 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-06-02 15:55 - 2016-01-05 04:50 - 01817064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll 2016-06-02 15:55 - 2016-01-05 04:50 - 00251544 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-06-02 15:55 - 2016-01-05 04:30 - 00232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL 2016-06-02 15:55 - 2016-01-05 04:28 - 00277400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL 2016-06-02 15:55 - 2016-01-05 04:10 - 00539136 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll 2016-06-02 15:55 - 2016-01-05 04:10 - 00278424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL 2016-06-02 15:55 - 2016-01-05 03:38 - 00556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll 2016-06-02 15:55 - 2015-11-25 07:42 - 00168288 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe 2016-06-02 15:55 - 2015-11-25 06:49 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll 2016-06-02 15:55 - 2015-11-25 06:49 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll 2016-06-02 15:55 - 2015-11-25 06:49 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll 2016-06-02 15:55 - 2015-11-25 06:48 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\EthernetMediaManager.dll 2016-06-02 15:55 - 2015-11-25 06:48 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\DAMediaManager.dll 2016-06-02 15:55 - 2015-11-25 06:31 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\DAMM.dll 2016-06-02 15:55 - 2015-11-25 06:30 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\dot3mm.dll 2016-06-02 15:55 - 2015-11-25 06:26 - 00849408 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2016-06-02 15:55 - 2015-11-25 06:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ninput.dll 2016-06-02 15:55 - 2015-11-25 06:08 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2016-06-02 15:55 - 2015-11-25 06:04 - 00480768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll 2016-06-02 15:55 - 2015-11-25 06:04 - 00474624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-06-02 15:55 - 2015-11-25 04:52 - 00775312 _____ C:\Windows\SysWOW64\locale.nls 2016-06-02 15:55 - 2015-11-25 04:52 - 00775312 _____ C:\Windows\system32\locale.nls 2016-06-02 15:55 - 2015-11-05 06:06 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll 2016-06-02 15:55 - 2015-11-05 05:54 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll 2016-06-02 15:55 - 2015-11-05 05:34 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll 2016-06-02 15:55 - 2015-11-05 05:23 - 00441344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dlnashext.dll 2016-06-02 15:55 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-06-02 15:55 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2016-06-02 15:55 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll 2016-06-02 15:55 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll 2016-06-02 15:55 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2016-06-02 15:55 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll 2016-06-02 15:55 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll 2016-06-02 15:55 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll 2016-06-02 15:55 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll 2016-06-02 15:55 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-06-02 15:55 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2016-06-02 15:55 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll 2016-06-02 15:55 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll 2016-06-02 15:55 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll 2016-06-02 15:55 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2016-06-02 15:55 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll 2016-06-02 15:55 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2016-06-02 15:55 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll 2016-06-02 15:55 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll 2016-06-02 15:55 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll 2016-06-02 15:55 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll 2016-06-02 15:55 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Speech.Pal.dll 2016-06-02 15:55 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll 2016-06-02 15:55 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll 2016-06-02 15:55 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe 2016-06-02 15:55 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe 2016-06-02 15:55 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll 2016-06-02 15:55 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-06-02 15:55 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll 2016-06-02 15:55 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2016-06-02 15:55 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll 2016-06-02 15:55 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll 2016-06-02 15:55 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll 2016-06-02 15:55 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll 2016-06-02 15:55 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll 2016-06-02 15:55 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll 2016-06-02 15:55 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll 2016-06-02 15:55 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\wwancfg.dll 2016-06-02 15:55 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll 2016-06-02 15:55 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2016-06-02 15:55 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll 2016-06-02 15:55 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\MbaeApi.dll 2016-06-02 15:55 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2016-06-02 15:55 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2016-06-02 15:55 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll 2016-06-02 15:55 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2016-06-02 15:55 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll 2016-06-02 15:55 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys 2016-06-02 15:55 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Speech.Pal.dll 2016-06-02 15:55 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll 2016-06-02 15:55 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll 2016-06-02 15:55 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll 2016-06-02 15:55 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll 2016-06-02 15:55 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll 2016-06-02 15:55 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll 2016-06-02 15:55 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe 2016-06-02 15:55 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\HttpsDataSource.dll 2016-06-02 15:55 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2016-06-02 15:55 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll 2016-06-02 15:55 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll 2016-06-02 15:55 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll 2016-06-02 15:55 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll 2016-06-02 15:55 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll 2016-06-02 15:55 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll 2016-06-02 15:55 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll 2016-06-02 15:55 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll 2016-06-02 15:55 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MbaeApi.dll 2016-06-02 15:55 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2016-06-02 15:55 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll 2016-06-02 15:55 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll 2016-06-02 15:55 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll 2016-06-02 15:55 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2016-06-02 15:55 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll 2016-06-02 15:55 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll 2016-06-02 15:55 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll 2016-06-02 15:55 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll 2016-06-02 15:55 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll 2016-06-02 15:55 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2016-06-02 15:55 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll 2016-06-02 15:54 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll 2016-06-02 15:54 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-06-02 15:54 - 2016-03-16 06:41 - 00208736 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-06-02 15:54 - 2016-03-16 06:08 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2016-06-02 15:54 - 2016-03-16 06:06 - 00181088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-06-02 15:54 - 2016-03-16 05:56 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModelShim.dll 2016-06-02 15:54 - 2016-03-16 05:55 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2016-06-02 15:54 - 2016-03-16 05:55 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll 2016-06-02 15:54 - 2016-03-16 05:47 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2016-06-02 15:54 - 2016-03-16 05:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll 2016-06-02 15:54 - 2016-03-16 05:46 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll 2016-06-02 15:54 - 2016-03-16 05:43 - 00573952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Cortana.Desktop.dll 2016-06-02 15:54 - 2016-03-16 05:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll 2016-06-02 15:54 - 2016-03-16 05:40 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll 2016-06-02 15:54 - 2016-03-16 05:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2016-06-02 15:54 - 2016-03-16 05:36 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll 2016-06-02 15:54 - 2016-03-16 05:36 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll 2016-06-02 15:54 - 2016-03-16 05:35 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll 2016-06-02 15:54 - 2016-03-16 05:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll 2016-06-02 15:54 - 2016-03-16 05:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2016-06-02 15:54 - 2016-03-16 05:24 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll 2016-06-02 15:54 - 2016-03-16 05:24 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll 2016-06-02 15:54 - 2016-03-16 05:17 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vaultcli.dll 2016-06-02 15:54 - 2016-03-16 05:13 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll 2016-06-02 15:54 - 2016-03-16 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll 2016-06-02 15:54 - 2016-02-23 16:51 - 00146784 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2016-06-02 15:54 - 2016-02-23 16:11 - 00103776 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll 2016-06-02 15:54 - 2016-02-23 15:21 - 00141152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2016-06-02 15:54 - 2016-02-23 14:50 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe 2016-06-02 15:54 - 2016-02-23 14:42 - 00078176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll 2016-06-02 15:54 - 2016-02-23 14:15 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2016-06-02 15:54 - 2016-02-23 13:57 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll 2016-06-02 15:54 - 2016-02-23 13:37 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetCfgNotifyObjectHost.exe 2016-06-02 15:54 - 2016-01-31 07:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2016-06-02 15:54 - 2016-01-31 07:19 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys 2016-06-02 15:54 - 2016-01-31 07:13 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\ztrace_maps.dll 2016-06-02 15:54 - 2016-01-31 06:58 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ztrace_maps.dll 2016-06-02 15:54 - 2016-01-05 04:28 - 00116728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2016-06-02 15:54 - 2016-01-05 04:15 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll 2016-06-02 15:54 - 2016-01-05 04:09 - 01234944 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2016-06-02 15:54 - 2016-01-05 03:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll 2016-06-02 15:54 - 2016-01-05 03:44 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usermgrcli.dll 2016-06-02 15:54 - 2015-12-01 08:03 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys 2016-06-02 15:54 - 2015-11-25 07:32 - 00113184 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2016-06-02 15:54 - 2015-11-25 06:59 - 00092992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll 2016-06-02 15:54 - 2015-11-25 06:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll 2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZST.DLL 2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL 2016-06-02 15:54 - 2015-11-25 06:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL 2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll 2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZST.DLL 2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL 2016-06-02 15:54 - 2015-11-25 06:04 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL 2016-06-02 15:54 - 2015-11-05 06:56 - 00025280 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-06-02 15:54 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll 2016-06-02 15:54 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-06-02 15:54 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2016-06-02 15:54 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2016-06-02 15:54 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll 2016-06-02 15:54 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll 2016-06-02 15:54 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll 2016-06-02 15:54 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe 2016-06-02 15:54 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll 2016-06-02 15:54 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll 2016-06-02 15:54 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll 2016-06-02 15:54 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll 2016-06-02 15:54 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll 2016-06-02 15:54 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll 2016-06-02 15:54 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe 2016-06-02 15:54 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-06-02 15:54 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2016-06-02 15:54 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2016-06-02 15:54 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll 2016-06-02 15:54 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll 2016-06-02 15:54 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeWiFi.dll 2016-06-02 15:54 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeCell.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\Windows\system32\LocationWebproxy.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\LocationGeofences.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\LocationCrowdsource.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\LocationPeIP.dll 2016-06-02 15:54 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\LocationWiFiAdapter.dll 2016-06-02 15:54 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll 2016-06-02 15:54 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll 2016-06-02 15:54 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll 2016-06-02 15:54 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll 2016-06-02 15:54 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll 2016-06-02 15:54 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\syncmlhook.dll 2016-06-02 15:54 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll 2016-06-02 15:54 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll 2016-06-02 15:54 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\syncutil.dll 2016-06-02 15:54 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll 2016-06-02 15:54 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-06-02 15:54 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2016-06-02 15:54 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll 2016-06-02 15:27 - 2016-06-27 07:55 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{931BFAFD-4B01-497B-955E-2018BD63BFBA} 2016-06-02 15:15 - 2016-06-09 12:14 - 00001379 _____ C:\Users\Public\Documents\Lenovo.Portal.txt 2016-06-01 20:58 - 2016-06-18 13:07 - 00002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-06-01 20:57 - 2016-06-27 09:07 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-01 20:57 - 2016-06-27 07:53 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job Geändert von cosinus (27.06.2016 um 09:25 Uhr) Grund: CODE-Tags |
![]() | #6 |
![]() ![]() | ![]() AVG user InterfaceCode:
ATTFilter C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-06-01 20:57 - 2016-06-27 07:53 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-06-01 20:57 - 2016-06-26 09:01 - 00003662 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-06-01 20:57 - 2016-06-26 09:01 - 00003438 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-06-01 20:57 - 2016-06-03 20:27 - 00000000 ____D C:\Program Files (x86)\Google 2016-06-01 20:57 - 2016-06-03 14:10 - 00000000 ____D C:\Users\ulfw\AppData\Local\Google 2016-06-01 20:54 - 2016-06-09 11:42 - 00000000 ____D C:\Users\ulfw\AppData\Local\Comms 2016-06-01 20:26 - 2016-06-01 20:26 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Temp 2016-06-01 20:19 - 2016-06-01 20:19 - 00000000 ___RD C:\Users\ulfw\3D Objects 2016-06-01 19:55 - 2016-06-01 19:55 - 00000000 ____D C:\Users\ulfw\AppData\Local\NetworkTiles 2016-06-01 17:07 - 2016-06-01 20:46 - 00000000 ____D C:\Users\ulfw\AppData\Local\MicrosoftEdge 2016-06-01 17:05 - 2016-06-01 17:05 - 00000000 ____D C:\Users\ulfw\AppData\LocalLow\Lenovo 2016-06-01 16:59 - 2016-06-01 16:59 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\LSC 2016-06-01 16:51 - 2016-06-01 16:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Macromedia 2016-06-01 16:51 - 2016-06-01 16:51 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Intel Corporation 2016-06-01 16:50 - 2016-06-01 16:51 - 00002367 _____ C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-06-01 16:50 - 2016-06-01 16:51 - 00000000 ___RD C:\Users\ulfw\OneDrive 2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\REACHit 2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\AppData\Local\Publishers 2016-06-01 16:49 - 2016-06-01 16:49 - 00000000 ____D C:\Users\ulfw\AppData\Local\CyberLink 2016-06-01 16:48 - 2016-06-27 07:53 - 00000000 ____D C:\Users\ulfw\AppData\Local\Lenovo 2016-06-01 16:48 - 2016-06-27 07:52 - 00000000 __SHD C:\Users\ulfw\IntelGraphicsProfiles 2016-06-01 16:48 - 2016-06-25 22:17 - 00000000 ____D C:\Users\ulfw 2016-06-01 16:48 - 2016-06-25 20:05 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Adobe 2016-06-01 16:48 - 2016-06-04 15:05 - 00000000 ____D C:\Users\ulfw\AppData\Local\Packages 2016-06-01 16:48 - 2016-06-01 16:48 - 00016148 _____ C:\Windows\system32\DESKTOP-3REOR0Q_defaultuser0_HistoryPrediction.bin 2016-06-01 16:48 - 2016-06-01 16:48 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-06-01 16:48 - 2016-06-01 16:48 - 00000020 ___SH C:\Users\ulfw\ntuser.ini 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\My Documents 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Videos 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Pictures 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 _SHDL C:\Users\ulfw\Documents\My Music 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Windows\system32\LSC 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Roaming\Intel 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Local\VirtualStore 2016-06-01 16:48 - 2016-06-01 16:48 - 00000000 ____D C:\Users\ulfw\AppData\Local\TileDataLayer 2016-06-01 16:47 - 2016-06-01 16:47 - 36637152 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 36637152 _____ (Intel Corporation) C:\Windows\system32\dlumdfb9.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 35700096 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 35700096 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb9.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 31575776 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 30246816 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 29101576 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 19861512 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 13464072 _____ (Intel Corporation) C:\Windows\system32\ig9icd64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 13426560 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb11.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 11439960 _____ (Intel Corporation) C:\Windows\SysWOW64\dlumdfb10.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 10221584 _____ (Intel Corporation) C:\Windows\SysWOW64\ig9icd32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 06560024 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 05797102 _____ C:\Windows\system32\igdclbif.bin 2016-06-01 16:47 - 2016-06-01 16:47 - 05684232 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 05262856 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 05029432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 04668424 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 04455640 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 04302072 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 04113424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 03969544 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01898928 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01816720 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01814064 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01576968 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01517456 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01167888 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 01026464 _____ C:\Windows\system32\igfxSDK.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00961960 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00958376 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00819449 _____ C:\Windows\system32\DisplayAudiox64.cab 2016-06-01 16:47 - 2016-06-01 16:47 - 00626696 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00618920 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00535968 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiUMS64.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00466336 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00438792 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00435096 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00433968 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00415752 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00390152 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00388616 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00381936 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00379800 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00350224 _____ (Intel Corporation) C:\Windows\system32\IntelWiDiMCComp64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00318472 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00310160 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00300968 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00295024 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00273424 _____ C:\Windows\system32\igfxCPL.cpl 2016-06-01 16:47 - 2016-06-01 16:47 - 00266248 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00255496 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00242160 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00236456 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00231840 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00231336 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00225288 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00222736 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00206344 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4326.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00205360 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00193032 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00181328 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00174504 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00173584 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00111624 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00103944 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00103440 _____ C:\Windows\system32\igfxCUIServicePS.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00100872 _____ ( ) C:\Windows\system32\igfxSDKLib.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00099848 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00095240 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00083464 _____ ( ) C:\Windows\system32\igfxDHLib.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00055248 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00052736 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00041296 _____ C:\Windows\system32\iglhxc64_dev.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00040931 _____ C:\Windows\system32\iglhxo64_dev.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00040343 _____ C:\Windows\system32\iglhxo64.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00040316 _____ C:\Windows\system32\iglhxc64.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00039798 _____ C:\Windows\system32\iglhxg64_dev.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00039658 _____ C:\Windows\system32\iglhxg64.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00029192 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00029192 _____ ( ) C:\Windows\system32\igfxDILib.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00027664 _____ ( ) C:\Windows\system32\igfxEMLib.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00027656 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00022536 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00022536 _____ ( ) C:\Windows\system32\igfxLHMLib.dll 2016-06-01 16:47 - 2016-06-01 16:47 - 00004690 _____ C:\Windows\system32\iglhxs64.vp 2016-06-01 16:47 - 2016-06-01 16:47 - 00001125 _____ C:\Windows\system32\iglhxa64.vp 2016-06-01 16:44 - 2016-06-01 16:44 - 72130584 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-06-01 16:44 - 2016-06-01 16:44 - 14065952 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 13243904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 13108552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 10093736 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 07181608 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 07104888 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 06273336 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 05834336 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 05344904 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 03938845 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-06-01 16:44 - 2016-06-01 16:44 - 03337424 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 03315800 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 03309264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 03154607 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2016-06-01 16:44 - 2016-06-01 16:44 - 03006200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02989856 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02856704 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02719992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-06-01 16:44 - 2016-06-01 16:44 - 02632360 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02562640 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02467216 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02218928 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02119288 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 02058880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01991784 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01985576 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01851128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01804936 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01624744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01613720 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01530864 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01456472 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01416832 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01403096 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01372520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01354808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01231248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01194856 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01183352 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01140408 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01015608 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 01012560 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00982248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00979104 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00961680 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00940640 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00940320 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00905040 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00891160 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00889888 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00764344 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00759208 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00742536 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00723232 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00713912 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00693032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00692520 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00659872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00632344 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00610128 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00588632 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00583168 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2016-06-01 16:44 - 2016-06-01 16:44 - 00545816 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00527824 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00517456 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00513712 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00479984 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00461272 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00460440 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00458016 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00453848 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00440728 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00399456 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00393480 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00374096 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00366216 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00355496 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00352896 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00352896 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00352424 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00342280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00339136 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00333288 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00333288 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00322032 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00283928 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00267200 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00264968 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00264896 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00263936 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00242768 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00235032 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00232704 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00225504 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00220136 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00205640 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00182888 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00176480 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00168936 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00161960 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00144184 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00131024 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00128504 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00127296 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00120712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00114008 _____ C:\Windows\system32\audioLibVc.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00100544 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00097968 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00097912 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00094168 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00093144 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00085088 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\ProgramData\Dolby 2016-06-01 16:44 - 2016-06-01 16:44 - 00000000 ____D C:\Program Files\Dolby 2016-06-01 16:40 - 2016-06-01 16:40 - 02365304 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll 2016-06-01 16:40 - 2016-06-01 16:40 - 00786032 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2016-06-01 16:40 - 2016-06-01 16:40 - 00437360 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2016-06-01 16:40 - 2016-06-01 16:40 - 00291952 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo34-5.dll 2016-06-01 16:40 - 2016-06-01 16:40 - 00286312 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2016-06-01 16:40 - 2016-06-01 16:40 - 00074352 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID_Aux.sys 2016-06-01 16:38 - 2016-06-27 07:52 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-06-01 16:37 - 2015-12-01 09:01 - 02115936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-06-26 20:13 - 2015-11-01 07:33 - 00812538 _____ C:\Windows\system32\perfh00C.dat 2016-06-26 20:13 - 2015-11-01 07:33 - 00154740 _____ C:\Windows\system32\perfc00C.dat 2016-06-26 20:13 - 2015-11-01 07:31 - 00772656 _____ C:\Windows\system32\perfh007.dat 2016-06-26 20:13 - 2015-11-01 07:31 - 00154794 _____ C:\Windows\system32\perfc007.dat 2016-06-26 20:13 - 2015-07-16 17:54 - 02759286 _____ C:\Windows\system32\PerfStringBackup.INI 2016-06-26 20:13 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF 2016-06-26 17:58 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-06-26 17:57 - 2015-07-10 11:05 - 04980736 ___SH C:\Windows\system32\config\BBI 2016-06-26 11:06 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-06-26 11:06 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness 2016-06-26 09:09 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-06-25 13:50 - 2015-07-10 11:05 - 00032768 ___SH C:\Windows\system32\config\ELAM 2016-06-23 19:55 - 2015-11-01 06:46 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo 2016-06-23 15:23 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF 2016-06-21 09:38 - 2015-07-16 18:33 - 00000000 ____D C:\Windows\Panther 2016-06-21 09:36 - 2016-04-27 09:46 - 00000000 ___HD C:\$WINDOWS.~BT 2016-06-20 19:19 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-06-20 15:06 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\rescache 2016-06-20 09:10 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\LiveKernelReports 2016-06-18 18:55 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-06-18 15:51 - 2015-07-16 17:49 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-06-18 15:51 - 2015-07-10 14:20 - 00224368 _____ C:\Windows\system32\FNTCACHE.DAT 2016-06-18 15:50 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\DiagSvcs 2016-06-18 12:56 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp 2016-06-14 19:32 - 2015-07-10 13:06 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-06-14 19:32 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-06-07 11:18 - 2015-11-01 06:53 - 00000000 ____D C:\ProgramData\Lenovo 2016-06-06 16:41 - 2015-11-01 06:46 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo 2016-06-06 16:40 - 2015-11-01 06:48 - 00000000 ____D C:\Windows\Downloaded Installations 2016-06-05 09:25 - 2015-11-01 06:48 - 00000000 ____D C:\Windows\System32\Tasks\CyberLink 2016-06-05 09:25 - 2015-11-01 06:48 - 00000000 ____D C:\ProgramData\CyberLink 2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ____D C:\ProgramData\Temp 2016-06-05 09:25 - 2015-11-01 06:47 - 00000000 ____D C:\ProgramData\SUPPORTDIR 2016-06-05 09:25 - 2015-11-01 06:46 - 00000000 ____D C:\Program Files (x86)\Lenovo 2016-06-04 17:46 - 2015-11-01 07:31 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2016-06-04 17:46 - 2015-07-10 15:16 - 00000000 ____D C:\Program Files\Windows Journal 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\winrm 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\WCN 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\slmgr 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\winrm 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\WCN 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\slmgr 2016-06-04 17:46 - 2015-07-10 15:13 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\F12 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\F12 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___SD C:\Windows\system32\dsc 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\MiracastView 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\ImmersiveControlPanel 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\DevicesFlow 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\oobe 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\MUI 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Com 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\SystemResetPlatform 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\oobe 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\MUI 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\migwiz 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Com 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\IME 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Help 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\System 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-06-04 17:46 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\SysWOW64\Dism 2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Sysprep 2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\system32\Dism 2016-06-04 17:46 - 2015-07-10 11:05 - 00000000 ____D C:\Windows\servicing 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ___RD C:\Windows\PurchaseDialog 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\WinBioPlugIns 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\appraiser 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Provisioning 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\L2Schemas 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-06-02 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-06-02 15:35 - 2015-07-10 13:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-06-02 15:32 - 2015-11-01 06:51 - 00000000 ____D C:\ProgramData\McAfee 2016-06-01 21:07 - 2015-07-10 15:14 - 00000000 ____D C:\Windows\OCR 2016-06-01 16:47 - 2015-11-01 07:34 - 00103944 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2016-06-01 16:47 - 2015-11-01 07:34 - 00099848 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2016-06-01 16:47 - 2015-08-24 11:57 - 15453440 _____ (Intel Corporation) C:\Windows\system32\igc64.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\dlumdfb11.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 13926848 _____ (Intel Corporation) C:\Windows\system32\dlumdfb10.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 07823776 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2016-06-01 16:47 - 2015-08-24 11:57 - 02052104 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 00749576 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 00402344 _____ C:\Windows\system32\igfxTray.exe 2016-06-01 16:47 - 2015-08-24 11:57 - 00383496 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll 2016-06-01 16:47 - 2015-08-24 11:57 - 00372128 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe 2016-06-01 16:47 - 2015-08-24 11:57 - 00351656 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe 2016-06-01 16:47 - 2015-08-24 11:57 - 00268704 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe 2016-06-01 16:44 - 2015-11-01 07:37 - 04614896 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-06-01 16:44 - 2015-11-01 07:37 - 00032392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-06-01 16:44 - 2015-11-01 07:37 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-06-01 16:44 - 2015-11-01 07:37 - 00000000 ____D C:\Windows\system32\DAX2 2016-06-01 16:40 - 2015-08-10 01:16 - 07052032 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw02.sys 2016-06-01 16:40 - 2015-08-04 08:50 - 01813392 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2016-06-01 16:40 - 2015-08-04 08:50 - 00648304 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2016-06-01 16:40 - 2015-08-04 08:50 - 00074352 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynRMIHID.sys ==================== Files in the root of some directories ======= 2016-06-02 15:15 - 2016-06-02 15:15 - 0000000 _____ () C:\Users\ulfw\AppData\Roaming\fastboot.log 2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\Users\ulfw\AppData\Roaming\Speech Enhancer 2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\Users\ulfw\AppData\Roaming\Standard 2015-11-01 07:37 - 2015-11-01 07:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-11-01 07:37 - 2015-11-01 07:37 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2016-06-03 15:06 - 2016-06-03 15:06 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT 2016-06-03 15:06 - 2016-06-03 15:06 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT 2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\ProgramData\StartupItems 2016-06-03 15:06 - 2016-06-03 15:06 - 0000268 ___RH () C:\ProgramData\StatusSheet 2016-06-25 20:05 - 2016-06-25 20:05 - 0000751 _____ () C:\ProgramData\StreamingMediaTechnologyLog.txt Some files in TEMP: ==================== C:\Users\ulfw\AppData\Local\Temp\avguirn_08130543378.exe C:\Users\ulfw\AppData\Local\Temp\LSCSetup64.exe C:\Users\ulfw\AppData\Local\Temp\nitro_reader3_64.exe C:\Users\ulfw\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-06-20 14:48 ==================== End of FRST.txt ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02 Ran by ulfw (2016-06-27 09:20:50) Running from C:\TrojanerBoard Windows 10 Home (X64) (2016-06-01 14:38:11) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled) Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Enabled) ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Components (x32 Version: - Lenovo) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: - Dolby Laboratories, Inc.) EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: - Google) Google Update Helper (x32 Version: - Google Inc.) Hidden Intel(R) Chipset Device Software (x32 Version: - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: - Lenovo) Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: - Lenovo) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: - CyberLink Corp.) Lenovo OneKey Recovery (Version: - CyberLink Corp.) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: - Lenovo) Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: - Lenovo) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: - Lenovo) LenovoUtility (x32 Version: - Lenovo) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla) Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla) Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: - Nitro) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: - O2Micro International LTD.) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: - Samsung Electronics Co., Ltd.) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: - Lenovo) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: - Lenovo) User Manuals (x32 Version: - Lenovo) Hidden ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: - AVG Technologies CZ, s.r.o.) Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version: - Samsung Electronics Co., Ltd.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo) Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo) Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated) Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128 Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo) Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-11-01 07:40 - 2015-11-01 07:40 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll 2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\Windows\System32\sst3cl6.dll 2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\Windows\System32\us008lm.dll 2015-11-01 07:40 - 2015-11-01 07:40 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll 2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe 2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 ____N () C:\Windows\SysWOW64\spdsvc.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe 2015-07-10 13:00 - 2015-07-10 13:00 - 00009216 _____ () C:\Windows\System32\WppRecorderUM.dll 2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe 2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-06-02 15:56 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-06-01 16:51 - 2016-06-01 16:51 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-06-02 15:56 - 2015-09-17 07:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2016-06-02 15:57 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-02 15:57 - 2015-11-25 06:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2016-06-02 15:56 - 2015-11-25 06:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-08-24 11:57 - 2016-06-01 16:47 - 00402344 _____ () C:\Windows\system32\igfxTray.exe 2016-06-02 15:55 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-02 15:57 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-02 15:57 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-02 15:57 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll 2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll 2016-06-01 20:26 - 2016-06-01 20:27 - 00011776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.exe 2016-06-01 20:26 - 2016-06-01 20:27 - 09355776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleApp.dll 2016-06-01 20:26 - 2016-06-01 20:27 - 00123904 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll 2016-06-01 20:26 - 2016-06-01 20:27 - 03691520 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PeopleShared.dll 2016-06-01 20:26 - 2016-06-01 20:27 - 01506304 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll 2016-06-01 20:25 - 2016-06-01 20:25 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-06-01 20:27 - 2016-06-01 20:27 - 00334848 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe\PersonPicture.UAP.dll 2016-06-01 20:28 - 2016-06-01 20:29 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2016-06-26 11:06 - 2016-06-26 11:06 - 00013824 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe 2016-06-26 11:06 - 2016-06-26 11:06 - 06377984 _____ () C:\Program Files\WindowsApps\Microsoft.Getstarted_3.10.0.0_x64__8wekyb3d8bbwe\WhatsNew.Store.dll 2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll 2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll 2016-06-23 15:21 - 2016-06-23 15:21 - 00101888 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Management\169ee9932d1ee21f598f3e8febe8b121\Windows.Management.ni.dll 2016-06-23 15:22 - 2016-06-23 15:22 - 02791424 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\41c4967b91ed1a3b0f7984880dd8ca7b\Windows.ApplicationModel.ni.dll 2016-06-23 15:22 - 2016-06-23 15:22 - 00798720 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\5734a2294b9dfb600863f61886671e9d\Windows.Storage.ni.dll 2016-06-23 15:21 - 2016-06-23 15:21 - 00335360 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\0dc521709008442b2c9474c5efc6ecab\Windows.Foundation.ni.dll 2016-06-24 15:21 - 2016-06-24 15:21 - 02852864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\b31a342f22515ee926d67bcc8d757409\Windows.Devices.ni.dll 2016-06-24 15:21 - 2016-06-24 15:21 - 02486784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Media\272a430ca319ba3abb9e80c8aa8e56c6\Windows.Media.ni.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ulfw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY" HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{F7CB761F-B9E4-4DD1-A144-5C444E586068}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{CD569EF6-BB56-4B4C-9855-8C4B55E47C91}] => (Allow) C:\Program Files (x86)\Lenovo\LenovoPortal\Lenovo.Portal.exe FirewallRules: [{0A4DCD54-905B-45BB-A338-C6781EA0E3D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{79B77B30-6B22-4D32-BB37-59A70B474660}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{A075D203-1493-49A0-A32D-33AE7B47E8FA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{60BC23CB-BAE5-4A98-8185-D34A240FA7CD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{018189E5-3DFD-4AED-8FE5-7BB0B8449BE0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{7E73DF7D-BCA5-4996-B8DF-7D75F1B86623}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{846BA4AC-B6A4-497C-A5C9-3A6527E1703B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{BEF7B5F0-2ABF-478F-BAB6-79F9D59AB926}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{8FE5E688-C32D-402F-B6A9-D3FA606E3AEF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{F3871C34-F2CD-494F-A027-407D416EECDA}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe FirewallRules: [{1366F145-5C9C-4796-9EA6-D119C6C99795}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{52C2137D-ECA4-4E6E-BD80-57A213A5FFC9}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe FirewallRules: [{DDE37BB5-5FAF-4BCC-9016-257675C71BE2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{3B4B6C78-71FA-4BEA-9750-3A20019C8306}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe FirewallRules: [{D5FFCC7B-6EED-4EAB-B4B0-9F88EB47DB45}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{0C8115D6-DE01-41EE-8106-450713B39B22}] => (Allow) LPort=2869 FirewallRules: [{284F92AD-76E8-4CD5-A254-713BA690D0C4}] => (Allow) LPort=1900 FirewallRules: [{CF188264-B2EB-42B1-921E-C55AD11F9C38}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{A6AB89B1-DD7D-4B15-AEB2-886117E3B605}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D55DFAA6-C041-45C4-9FCB-64C7F2BC3782}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{D45CA73D-272C-4B35-83EC-496204423CD6}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe ==================== Restore Points ========================= 18-06-2016 12:53:17 Windows Update 18-06-2016 12:53:38 Windows Update 25-06-2016 16:28:20 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/27/2016 07:52:22 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/26/2016 10:18:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/26/2016 10:07:15 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/26/2016 08:22:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm NITROP~2.EXE, Version kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1668 Startzeit: 01d1cfd78094371d Beendigungszeit: 33 Anwendungspfad: C:\PROGRA~2\Nitro\READER~1\NITROP~2.EXE Berichts-ID: ef36eeb8-3bca-11e6-9c09-a434d9298c05 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/26/2016 08:01:37 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/26/2016 05:57:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/26/2016 05:53:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 288 Startzeit: 01d1cfbf19ebf51d Beendigungszeit: 19 Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin Berichts-ID: 1e490bb9-3bb6-11e6-9c08-a434d9298c05 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/26/2016 05:21:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fc0 Startzeit: 01d1cfbe19c1884a Beendigungszeit: 8 Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin Berichts-ID: 9213dcf6-3bb1-11e6-9c08-a434d9298c05 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/26/2016 05:19:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 19d4 Startzeit: 01d1cfbdf2640afd Beendigungszeit: 24 Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin Berichts-ID: 4a823786-3bb1-11e6-9c08-a434d9298c05 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (06/26/2016 05:11:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.9782.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b94 Startzeit: 01d1cfbcc0d5cd64 Beendigungszeit: 11 Anwendungspfad: C:\Program Files (x86)\OpenOffice 4\program\soffice.bin Berichts-ID: 39032614-3bb0-11e6-9c08-a434d9298c05 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: System errors: ============= Error: (06/27/2016 08:58:49 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Samsung Printer Dianostics Service erreicht. Error: (06/27/2016 08:40:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Samsung Printer Dianostics Service erreicht. Error: (06/27/2016 07:53:50 AM) (Source: Service Control Manager) (EventID: 7046) (User: ) Description: Vom folgenden Dienst wurde wiederholt nicht auf Dienststeuerungsanforderungen reagiert: Print Spooler Erkundigen Sie sich beim Diensthersteller oder beim Systemadministrator danach, ob der Dienst deaktiviert werden sollte, bis das Problem gefunden wurde. Der Computer muss unter Umständen im abgesicherten Modus gestartet werden, um den Dienst deaktivieren zu können. Error: (06/27/2016 07:53:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (06/27/2016 07:52:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (06/26/2016 10:19:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (06/26/2016 10:18:51 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (06/26/2016 10:18:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Spooler erreicht. Error: (06/26/2016 10:18:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (06/26/2016 10:18:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPDESKTOP) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz Percentage of memory in use: 41% Total physical RAM: 8097.91 MB Available physical RAM: 4759.56 MB Total Virtual: 9377.91 MB Available Virtual: 5809.38 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:51.35 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: () (Removable) (Total:15.69 GB) (Free:1.59 GB) FAT32 Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:55.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB) Partition: GPT. ======================================================== Disk: 1 (Size: 15.7 GB) (Disk ID: DEBD2285) Partition 1: (Not Active) - (Size=15.7 GB) - (Type=0C) ==================== End of Addition.txt ============================ |
![]() | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte ![]()
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers ![]() Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #8 |
![]() ![]() | ![]() AVG user InterfaceCode:
ATTFilter Malwarebytes Anti-Rootkit BETA www.malwarebytes.org Database version: main: v2016.06.27.02 rootkit: v2016.05.27.01 Windows 10 x64 NTFS Internet Explorer 11.0.10240.16942 ulfw :: LAPDESKTOP [administrator] 27.06.2016 12:55:29 mbar-log-2016-06-27 (12-55-29).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 295768 Time elapsed: 8 minute(s), 2 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
![]() | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte ![]()
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #10 |
![]() ![]() | ![]() AVG user InterfaceCode:
ATTFilter # AdwCleaner v5.200 - Logfile created 27/06/2016 at 14:45:23 # Updated 14/06/2016 by ToolsLib # Database : 2016-06-26.1 [Server] # Operating system : Windows 10 Home (X64) # Username : ulfw - LAPDESKTOP # Running from : C:\Users\ulfw\Downloads\AdwCleaner_5.200.exe # Option : Scan # Support : https://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\OCS Key Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\OCS Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com Data Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://mystart.lenovo.com Data Found : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] - hxxp://mystart.lenovo.com ***** [ Web browsers ] ***** ************************* C:\AdwCleaner\AdwCleaner[S1].txt - [1284 bytes] - [27/06/2016 14:45:23] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1357 bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.6 (04.25.2016) Operating System: Windows 10 Home x64 Ran by ulfw (Administrator) on 27.06.2016 at 15:00:52.87 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\Windows\prefetch\PERFORMANCEOPTIMIZER.EXE-D034DBC3.pf (File) Registry: 1 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D5F1BE35-A861-465C-ACBD-70DA19F6DED7} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 27.06.2016 at 15:01:53.33 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
![]() | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface Anleitung bitte richtig lesen. Du hast nur nen Suchlauf mit dem adwCleaner gemacht.
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #12 |
![]() ![]() | ![]() AVG user Interface Sorry cosinus ![]() Code:
ATTFilter # AdwCleaner v5.200 - Logfile created 27/06/2016 at 17:37:24 # Updated 14/06/2016 by ToolsLib # Database : 2016-06-26.1 [Server] # Operating system : Windows 10 Home (X64) # Username : ulfw - LAPDESKTOP # Running from : C:\Users\ulfw\Downloads\AdwCleaner_5.200.exe # Option : Clean # Support : https://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** ***** [ Files ] ***** ***** [ DLLs ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKCU\Software\OCS [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] [-] Data Restored : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] [-] Data Restored : HKU\S-1-5-21-4256507873-131550310-878068454-1001\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Proxy settings cleared :: Winsock settings cleared :: TCP/IP settings cleared :: Firewall settings cleared :: IPSec settings cleared :: IE policies deleted :: Chrome policies deleted :: Chrome preferences reset : C:\Users\ulfw\AppData\Local\Google\Chrome\User Data\Default :: Hosts file cleared ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [1498 bytes] - [27/06/2016 17:37:24] C:\AdwCleaner\AdwCleaner[S1].txt - [1436 bytes] - [27/06/2016 14:45:23] C:\AdwCleaner\AdwCleaner[S2].txt - [1509 bytes] - [27/06/2016 17:36:42] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1717 bytes] ########## Wars das jetzt ? Kommt noch eine Empfehlung zum Virenschutz ? Ich werde gerne einen Obulus in eure Kasse legen. Gruss werama |
![]() | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #14 |
![]() ![]() | ![]() AVG user InterfaceCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2016 02 Ran by ulfw (2016-06-28 13:53:41) Running from C:\TrojanerBoard Windows 10 Home Version 1511 (X64) (2016-06-27 17:29:03) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled) Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Disabled) ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Components (x32 Version: - Lenovo) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: - Dolby Laboratories, Inc.) EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: - Google) Google Update Helper (x32 Version: - Google Inc.) Hidden Intel(R) Chipset Device Software (x32 Version: - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: - Lenovo) Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: - Lenovo) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: - CyberLink Corp.) Lenovo OneKey Recovery (Version: - CyberLink Corp.) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: - Lenovo) Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: - Lenovo) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: - Lenovo) LenovoUtility (x32 Version: - Lenovo) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla) Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla) Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: - Nitro) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: - O2Micro International LTD.) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: - Samsung Electronics Co., Ltd.) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: - Lenovo) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: - Lenovo) User Manuals (x32 Version: - Lenovo) Hidden ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: - AVG Technologies CZ, s.r.o.) Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version: - Samsung Electronics Co., Ltd.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo) Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo) Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated) Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128 Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo) Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\WINDOWS\System32\sst3cl6.dll 2016-06-23 19:50 - 2011-06-21 04:23 - 00826880 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sst3cdu.dll 2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe 2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe 2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe 2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-06-27 20:04 - 2016-06-27 20:04 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-27 08:10 - 2016-04-27 08:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll 2016-06-18 13:07 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-18 13:07 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-06-18 13:07 - 2016-06-15 10:26 - 31519384 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll 2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2016-06-27 17:37 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> E:\Eigene Dokumente\Eigene Bilder\Oberoesterreich\Eggelsberg-37.JPG DNS Servers: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY" HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/28/2016 01:45:55 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 12:51:05 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 08:18:08 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 07:27:19 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/27/2016 09:48:01 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/27/2016 08:43:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP) Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 08:38:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP) Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 08:19:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPDESKTOP) Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/27/2016 08:01:59 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: igfxHK.exe, Version:, Zeitstempel: 0x564a0be3 Name des fehlerhaften Moduls: igfxHK.exe, Version:, Zeitstempel: 0x564a0be3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x0000000000015953 ID des fehlerhaften Prozesses: 0x181c Startzeit der fehlerhaften Anwendung: 0xigfxHK.exe0 Pfad der fehlerhaften Anwendung: igfxHK.exe1 Pfad des fehlerhaften Moduls: igfxHK.exe2 Berichtskennung: igfxHK.exe3 Vollständiger Name des fehlerhaften Pakets: igfxHK.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: igfxHK.exe5 Error: (06/27/2016 08:01:43 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] System errors: ============= Error: (06/28/2016 12:51:06 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Targus Giga Ethernet, {3BA909AF-3C62-4429-94B3-18FD1BDDA109}" ist das Ereignis "73" aufgetreten. Error: (06/28/2016 09:51:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Access_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Storage_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Contact Data_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/28/2016 08:28:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sync Host_11347ba" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/28/2016 08:28:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/28/2016 08:18:03 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/28/2016 07:27:21 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: ) Description: Für den Miniport "Targus Giga Ethernet, {3BA909AF-3C62-4429-94B3-18FD1BDDA109}" ist das Ereignis "73" aufgetreten. Error: (06/27/2016 10:10:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Access_5d402b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. CodeIntegrity: =================================== Date: 2016-06-28 08:19:14.772 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 22:04:07.630 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:27:12.657 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:26:36.802 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:21:45.747 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz Percentage of memory in use: 39% Total physical RAM: 8097.91 MB Available physical RAM: 4886.97 MB Total Virtual: 10017.91 MB Available Virtual: 6863.85 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:49.83 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:54.76 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB) Partition: GPT. ==================== End of Addition.txt ============================ Wartest du noch auf ein anderes File ? Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2016 Ran by ulfw (2016-06-29 13:50:07) Running from C:\Users\ulfw\Downloads Windows 10 Home Version 1511 (X64) (2016-06-27 17:29:03) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4256507873-131550310-878068454-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4256507873-131550310-878068454-503 - Limited - Disabled) Guest (S-1-5-21-4256507873-131550310-878068454-501 - Limited - Disabled) ulfw (S-1-5-21-4256507873-131550310-878068454-1001 - Administrator - Enabled) => C:\Users\ulfw ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated) Adobe Premiere Elements 14 (HKLM-x32\...\{18EF738B-56F0-4370-8FEA-93FC9EC51DFA}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team) Components (x32 Version: - Lenovo) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DisplayLink Core Software (HKLM\...\{5346695A-EC06-45D4-8ACE-4E889A6D5289}) (Version: 7.9.1488.0 - DisplayLink Corp.) Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: - Dolby Laboratories, Inc.) EaseUS Partition Master 11.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: - Google) Google Update Helper (x32 Version: - Google Inc.) Hidden Intel(R) Chipset Device Software (x32 Version: - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Lenovo Accelerator Application (HKLM-x32\...\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}) (Version: - Lenovo) Lenovo BatteryGauge (HKLM\...\{B8D3ED8D-A295-44C2-8AE1-56823D44AD1F}) (Version: - Lenovo) Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: - Lenovo) Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: - Lenovo, Inc.) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: - CyberLink Corp.) Lenovo OneKey Recovery (Version: - CyberLink Corp.) Hidden Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: - Lenovo) Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: - Lenovo) Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: - Lenovo) LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: - Lenovo) LenovoUtility (x32 Version: - Lenovo) Hidden Metric Collection SDK (x32 Version: 1.1.0012.00 - Lenovo Group Limited) Hidden Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla) Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla) Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: - Nitro) O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{A6668863-B0A3-4812-AAF2-E47749ECFE0E}) (Version: - O2Micro International LTD.) O2Micro Flash Memory Card Windows Driver (Version: - O2Micro International LTD.) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek Semiconductor Corp.) Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: - Samsung Electronics Co., Ltd.) SHAREit (HKLM-x32\...\SHAREit_is1) (Version: - Lenovo) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: - Synaptics Incorporated) User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: - Lenovo) User Manuals (x32 Version: - Lenovo) Hidden ViewNX-i (HKLM\...\{C67A5551-26C1-4C7B-A9DF-AD148549D482}) (Version: 1.2.1 - Nikon Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: - AVG Technologies CZ, s.r.o.) Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version: - Samsung Electronics Co., Ltd.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4256507873-131550310-878068454-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05D30E02-FDBD-4291-8385-AA5FB650A559} - System32\Tasks\Lenovo\BatteryGauge => C:\Program Files\lenovo\BatteryGauge\BatteryGaugeIcon.exe [2015-07-11] (Lenovo) Task: {06FCBD67-E280-4030-92DB-536CF472D14A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) Task: {1648F6DA-3CD5-4C12-AA69-EA5574833D27} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo) Task: {5A5624C2-943F-4659-9A4B-32C5B24134CC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo) Task: {5E5516A8-8AAB-4CDC-8D95-FF4C4DF9121C} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo) Task: {6377755C-BB0B-4341-ABC8-8AB4CB29EADB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {7E324D52-1AE5-41A9-82F6-3AEE7C0BC338} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask => add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {8E4C56C1-12B8-480E-9825-0952B5E4062F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-uweissen@bluewin.ch => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated) Task: {A1076A1D-90BE-4B35-89B1-0C52A9A057A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => control iMControllerService 128 Task: {C85329DE-73A3-4ECD-B10E-FE238FB443AA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-06-01] (Lenovo) Task: {C8C4CBE0-5972-4F96-808A-7AB44DAFA6E1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo) Task: {D823706C-E893-4E53-A98E-7C573FDAA2B5} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe [2016-05-18] (Lenovo) Task: {E6F2146A-64A5-467C-AA00-B1D17C08269E} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] () Task: {EDF32366-676F-48EC-963B-03DB6FDA586B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-01] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-06-23 19:50 - 2011-06-21 09:42 - 00034304 _____ () C:\WINDOWS\System32\sst3cl6.dll 2016-06-19 09:42 - 2016-06-19 09:42 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2015-09-15 01:58 - 2015-09-15 01:58 - 00176640 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00024312 _____ () C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe 2016-06-23 19:56 - 2015-11-05 21:02 - 00491328 _____ () C:\WINDOWS\SysWOW64\spdsvc.exe 2015-11-01 07:47 - 2015-11-01 07:47 - 00226216 _____ () C:\Program Files\update\UpdateAgent.exe 2015-11-01 06:47 - 2015-08-19 05:00 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2015-11-01 06:55 - 2015-06-27 11:34 - 00029112 _____ () C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe 2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-02-12 17:20 - 2016-02-12 17:20 - 01652456 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-06-27 20:04 - 2016-06-27 20:04 - 00959168 _____ () C:\Users\ulfw\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-06-01 16:47 - 2016-06-01 16:47 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-04-27 08:10 - 2016-04-27 08:10 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-28 05:18 - 2016-06-28 05:18 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-01 06:47 - 2015-11-01 06:47 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe 2015-11-01 06:47 - 2015-11-01 06:47 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll 2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2016-06-27 20:38 - 2016-06-27 20:38 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-06-27 20:38 - 2016-06-27 20:38 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-27 20:38 - 2016-06-27 20:38 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-06-01 20:26 - 2016-06-01 20:28 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-06-01 20:28 - 2016-06-01 20:29 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-11-01 06:47 - 2015-08-21 08:43 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-06-27 20:42 - 2016-06-27 20:42 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-11-01 06:50 - 2015-02-13 01:02 - 00224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll 2016-06-18 12:39 - 2016-06-02 02:48 - 00161736 _____ () C:\ProgramData\Lenovo\iMController\Plugins\LenovoAudioPlugin\x86\QualityStatsRevInterop.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2016-06-27 17:37 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4256507873-131550310-878068454-1001\Control Panel\Desktop\\Wallpaper -> E:\Eigene Dokumente\Eigene Bilder\Oberoesterreich\Eggelsberg-37.JPG DNS Servers: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY" HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "EaseUS Cleanup" HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray" HKU\S-1-5-21-4256507873-131550310-878068454-1001\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/29/2016 01:32:55 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/29/2016 11:19:00 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/29/2016 07:15:32 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 10:51:43 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Plug-ins\Common\TSStrider,type="win32",version=""1". Die abhängige Assemblierung "Plug-ins\Common\TSStrider,type="win32",version=""" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/28/2016 10:49:45 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Plug-ins\Common\TSStrider,type="win32",version=""1". Die abhängige Assemblierung "Plug-ins\Common\TSStrider,type="win32",version=""" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (06/28/2016 02:47:15 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 01:45:55 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 12:51:05 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 08:18:08 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] Error: (06/28/2016 07:27:19 AM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR DPTF Build Version: 8.1.10602.174 DPTF Build Date: Jul 23 2015 11:24:10 Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737 Executing Function: DptfEvent Message: Received unexpected event Framework Event: DptfResume [3] System errors: ============= Error: (06/29/2016 12:54:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/29/2016 10:39:30 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Access_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Storage_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Contact Data_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:22:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Sync Host_64b8d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:22:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Access_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "User Data Storage_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. Error: (06/29/2016 07:19:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Contact Data_3e2c77" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Restart the service. CodeIntegrity: =================================== Date: 2016-06-28 08:19:14.772 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 22:04:07.630 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:27:12.657 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:26:36.802 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-27 19:21:45.747 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz Percentage of memory in use: 38% Total physical RAM: 8097.91 MB Available physical RAM: 4998.89 MB Total Virtual: 10017.91 MB Available Virtual: 7132.56 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:119.12 GB) (Free:42.3 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (Volume) (Fixed) (Total:98.24 GB) (Free:53.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 2BC178FB) Partition: GPT. ==================== End of Addition.txt ============================ |
![]() | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() AVG user Interface FRST.exe fehlt
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() |
Themen zu AVG user Interface |
avg, direkt, drucker, einzelne, gestern, hoffe, interne, internet, jahre, manager, maus, melde, neuen, nicht mehr, photoshop, probleme, programme, programmen, starte, starten, suche, task manager, windows, überhaupt, öffnen |