
All kinds of pests and how to fight them: Virus infection?


22.10.2016, 22:36   #1
krautsand
 



Hello,

I cannot install BitBox. The process always aborts.

On the Internet I came across this key, which apparently seems to be connected with it:

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00020420-0000-0000-C000-000000000046}

In connection with this key there seem to be other entries, which I also found and which seem to point to malware:

HKEY_CLASSES_ROOT\TDCCtl.TDCCtl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TDCCtl.TDCCtl.

These entries cannot be deleted.

Windows 10 is installed on my computer.

Maybe someone can tell me something about this. Many thanks in advance.

krautsand

23.10.2016, 09:18   #2
deeprybka
/// TB Trainer
/// Tutorial Guru
 





My name is Jürgen and I will be helping you with your problem. Together we'll manage it...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we are all doing this in our spare time; if you don't hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware.
We can remove adware and the like very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Here we go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is fine ... click Reply.

23.10.2016, 10:55   #3
krautsand
 



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by hannibla34 (administrator) on WO (23-10-2016 11:09:00)
Running from C:\Users\hannibla34\Downloads
Loaded Profiles: hannibla34 (Available Profiles: hannibla34)
Platform: Windows 10 Home Version 1607 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Windows\SysWOW64\spdsvc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\swriter.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.bin


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-10-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1460744 2016-10-10] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\RunOnce: [Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\MountPoints2: {edacece7-dd02-11e4-83a5-e03f494be62f} - "F:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\JonDo.lnk [2016-10-16]
ShortcutTarget: JonDo.lnk -> C:\Program Files (x86)\JonDo\JonDo.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2016-10-03]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{08cc1ffa-e995-4050-bae0-a889450459c4}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{254b7778-8ee2-4215-b214-3ed75a8c8c16}: [NameServer] 10.74.210.210 10.74.210.211

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\j 1\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\j 1\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: pw7v4dn5.default-1422187340623
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623 [2016-10-23]
FF NetworkProxy: Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623 -> type", 4
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\adblockpopups@jessehakanen.net.xpi [2016-05-04]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\de-AT@dictionaries.addons.mozilla.org [2016-01-30]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\elemhidehelper@adblockplus.org.xpi [2016-08-03]
FF Extension: (FoxyProxy Standard) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\foxyproxy@eric.h.jung [2016-09-02]
FF Extension: (Privacy Badger) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2016-10-16]
FF Extension: (YouTube™ HD Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\jid1-wkCmfgboni3B1Q@jetpack.xpi [2016-01-30]
FF Extension: (SQLite Manager) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-05-04]
FF Extension: (uBlock Origin) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\uBlock0@raymondhill.net.xpi [2016-10-16]
FF Extension: (EPUBReader) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-04]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\duckduckgo-de.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\duckduckgo-html.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\dudende-suche.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl-1.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl-de.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\googletranslate.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\ixquick-https.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\metager.xml [2015-01-25]
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2016-10-22]
FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> about:blank
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Startpage HTTPS
FF Homepage: Mozilla\Firefox\Profiles\JonDoFox -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 1
FF Extension: (HTTPS-Everywhere) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2016-10-16]
FF Extension: (Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-16]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2016-03-14]
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\8w8h0nsx.Standard-Benutzer [2016-10-22]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-12] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\j 1\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\j 1\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-903397656-3433550281-814490945-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-03] (AVAST Software)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [633024 2015-02-04] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-08-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-10-03] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-03] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2015-01-01] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [542672 2016-10-10] (Intel Corporation)
S3 huawei_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys [248320 2014-08-21] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-09-04] (REALiX(tm))
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 MEMSWEEP2; C:\Windows\system32\2284.tmp [6144 2009-06-18] (Sophos Plc) [File not signed]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys [14216760 2016-08-27] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-09-04] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 11:09 - 2016-10-23 11:09 - 00024281 _____ C:\Users\hannibla34\Downloads\FRST.txt
2016-10-23 11:00 - 2016-10-23 11:00 - 00000093 ____H C:\Users\hannibla34\Documents\.~lock.Berlin.odt#
2016-10-23 10:58 - 2016-10-23 11:09 - 00000000 ____D C:\FRST
2016-10-23 10:57 - 2016-10-23 10:58 - 02407424 _____ (Farbar) C:\Users\hannibla34\Downloads\FRST64.exe
2016-10-22 23:38 - 2016-10-22 23:38 - 00010558 _____ C:\Users\hannibla34\Documents\Malware kurz.odt
2016-10-22 19:20 - 2016-10-22 19:20 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-10-22 19:20 - 2016-10-22 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-22 17:10 - 2016-10-23 10:52 - 00003032 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (hannibla34)
2016-10-22 17:10 - 2016-10-22 17:10 - 00003378 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-10-22 17:10 - 2016-10-22 17:10 - 00000000 ____D C:\ProgramData\ProductData
2016-10-22 14:35 - 2016-10-22 14:35 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\JonDo
2016-10-20 11:44 - 2016-10-20 11:44 - 00248343 _____ C:\Users\hannibla34\Downloads\Divi Basii Westfassade -Architekturzeichnung - Rekonstrukionsversuch der ursprünglichen Westfasade.jpeg
2016-10-20 11:40 - 2016-10-20 11:47 - 651661120 _____ (Sirrix AG) C:\Users\hannibla34\Downloads\Browser_In_The_Box.4.3.2-r211.firefox.Archive.exe
2016-10-18 22:43 - 2016-10-22 17:10 - 00002332 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-10-18 22:43 - 2016-10-22 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-10-16 15:46 - 2016-10-16 15:46 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2016-10-16 15:41 - 2016-10-22 17:46 - 00000000 ____D C:\Program Files (x86)\JonDo
2016-10-16 15:41 - 2016-10-16 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JonDo
2016-10-13 23:27 - 2016-10-13 23:27 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-10-13 19:58 - 2016-10-13 19:59 - 00726048 _____ C:\Users\hannibla34\Downloads\Stadtwerdung im berliner Nordosten - urbanisierung zwischen 1820 und 1920 - Ausstellungskonzeption.pdf
2016-10-13 13:42 - 2016-10-13 13:42 - 03874368 _____ C:\Users\hannibla34\Downloads\adwcleaner_6.021.exe
2016-10-12 23:11 - 2016-10-12 23:11 - 00078589 _____ C:\Users\hannibla34\Downloads\108979_Lange_Nacht_der_Tasten.pdf
2016-10-12 12:15 - 2016-10-05 12:34 - 01051104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 12:15 - 2016-10-05 12:34 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 12:15 - 2016-10-05 12:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-12 12:15 - 2016-10-05 12:31 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 12:15 - 2016-10-05 12:31 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 12:15 - 2016-10-05 12:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 12:15 - 2016-10-05 12:13 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 12:15 - 2016-10-05 12:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-12 12:15 - 2016-10-05 12:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-12 12:15 - 2016-10-05 12:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-12 12:15 - 2016-10-05 12:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-12 12:15 - 2016-10-05 12:12 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 12:15 - 2016-10-05 12:09 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 12:15 - 2016-10-05 12:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-12 12:15 - 2016-10-05 12:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-12 12:15 - 2016-10-05 12:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-12 12:15 - 2016-10-05 11:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 12:15 - 2016-10-05 11:50 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 12:15 - 2016-10-05 11:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-12 12:15 - 2016-10-05 11:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-12 12:15 - 2016-10-05 11:46 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-12 12:15 - 2016-10-05 11:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-12 12:15 - 2016-10-05 11:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-12 12:15 - 2016-10-05 11:45 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-12 12:15 - 2016-10-05 11:44 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 12:15 - 2016-10-05 11:41 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-12 12:15 - 2016-10-05 11:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-12 12:15 - 2016-10-05 11:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-12 12:15 - 2016-10-05 11:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 12:15 - 2016-10-05 11:35 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-10-12 12:15 - 2016-10-05 11:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-12 12:15 - 2016-10-05 11:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 12:15 - 2016-10-05 11:34 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 12:15 - 2016-10-05 11:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-12 12:15 - 2016-10-05 11:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-12 12:15 - 2016-10-05 11:29 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-12 12:15 - 2016-10-05 11:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-12 12:15 - 2016-10-05 11:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-12 12:15 - 2016-10-05 11:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-12 12:15 - 2016-10-05 11:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-12 12:15 - 2016-10-05 11:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 12:15 - 2016-10-05 11:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-12 12:15 - 2016-10-05 11:22 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 01364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-12 12:15 - 2016-10-05 11:20 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-12 12:15 - 2016-10-05 11:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-12 12:15 - 2016-10-05 11:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 12:15 - 2016-10-05 11:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-12 12:15 - 2016-10-05 11:19 - 02265088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-12 12:15 - 2016-10-05 11:19 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-12 12:15 - 2016-10-05 11:19 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 12:15 - 2016-10-05 11:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 12:15 - 2016-10-05 11:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-12 12:15 - 2016-10-05 11:17 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-12 12:15 - 2016-10-05 11:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 02667520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 01778176 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-12 12:15 - 2016-10-05 11:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-12 12:15 - 2016-10-05 11:09 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-12 12:15 - 2016-10-05 11:06 - 02254336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-12 12:15 - 2016-10-05 11:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-12 12:15 - 2016-10-05 11:05 - 00751104 _____ (Microsoft Corporation)

Edited by deeprybka (23.10.2016 at 12:51). Reason: CODE tags

23.10.2016, 10:56   #4
krautsand

Virus infection?

Code:
ATTFilter
C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 12:15 - 2016-10-05 02:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 12:15 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-12 12:14 - 2016-10-05 12:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-12 12:14 - 2016-10-05 12:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 12:14 - 2016-10-05 12:30 - 07812448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 12:14 - 2016-10-05 12:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-12 12:14 - 2016-10-05 12:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-12 12:14 - 2016-10-05 12:09 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-12 12:14 - 2016-10-05 12:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-12 12:14 - 2016-10-05 12:09 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-12 12:14 - 2016-10-05 12:04 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-12 12:14 - 2016-10-05 12:04 - 00628032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 12:14 - 2016-10-05 11:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-12 12:14 - 2016-10-05 11:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-12 12:14 - 2016-10-05 11:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 12:14 - 2016-10-05 11:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-12 12:14 - 2016-10-05 11:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-12 12:14 - 2016-10-05 11:29 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 12:14 - 2016-10-05 11:29 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-12 12:14 - 2016-10-05 11:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-12 12:14 - 2016-10-05 11:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-12 12:14 - 2016-10-05 11:28 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-12 12:14 - 2016-10-05 11:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-12 12:14 - 2016-10-05 11:26 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-12 12:14 - 2016-10-05 11:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-12 12:14 - 2016-10-05 11:22 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-12 12:14 - 2016-10-05 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-12 12:14 - 2016-10-05 11:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 12:14 - 2016-10-05 11:21 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-12 12:14 - 2016-10-05 11:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-12 12:14 - 2016-10-05 11:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-12 12:14 - 2016-10-05 11:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 12:14 - 2016-10-05 11:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-12 12:14 - 2016-10-05 11:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 12:14 - 2016-10-05 11:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-12 12:14 - 2016-10-05 11:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-12 12:14 - 2016-10-05 11:15 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 12:14 - 2016-10-05 11:15 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 12:14 - 2016-10-05 11:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 12:14 - 2016-10-05 11:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-12 12:14 - 2016-10-05 11:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 12:14 - 2016-10-05 11:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-12 12:14 - 2016-10-05 11:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-12 12:14 - 2016-10-05 11:07 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 72520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-10-10 21:45 - 2016-10-10 21:45 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 06618275 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-10-10 21:45 - 2016-10-10 21:45 - 03282544 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-10-10 21:45 - 2016-10-10 21:45 - 02073088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 01166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00330560 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00221976 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00118592 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-10-10 21:45 - 2016-10-10 21:45 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00542672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1d65x64.sys
2016-10-10 21:41 - 2016-10-10 21:41 - 00125728 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo4.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00090608 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00075288 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00003130 _____ C:\WINDOWS\system32\e1d65x64.din
2016-10-03 00:18 - 2016-10-13 15:36 - 00002784 _____ C:\WINDOWS\System32\Tasks\EPM Preload
2016-10-03 00:18 - 2016-10-03 00:18 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2016-10-03 00:17 - 2016-10-03 00:17 - 00000000 ____D C:\Users\hannibla34\AppData\Local\Samsung
2016-10-03 00:17 - 2016-10-03 00:17 - 00000000 ____D C:\Program Files\Samsung
2016-10-03 00:17 - 2015-01-24 12:22 - 03029504 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2016-10-03 00:15 - 2016-10-03 00:15 - 00002353 _____ C:\Users\Public\Desktop\Samsung Drucker-Diagnose.lnk
2016-10-03 00:15 - 2016-08-28 10:23 - 00018055 ____N C:\WINDOWS\SysWOW64\spddata.xml
2016-10-03 00:15 - 2016-08-17 13:43 - 00499000 ____N C:\WINDOWS\SysWOW64\spdsvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N C:\WINDOWS\system32\SecUPDUtilSvc.exe
2016-10-03 00:10 - 2016-08-17 07:41 - 02078208 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00089600 _____ (SS) C:\WINDOWS\system32\ux003ci.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00022528 _____ () C:\WINDOWS\system32\ux003lm.dll
2016-10-03 00:10 - 2015-02-04 06:41 - 00158016 _____ C:\WINDOWS\system32\ux003ci.exe
2016-10-03 00:05 - 2016-10-03 00:06 - 28455728 _____ C:\Users\hannibla34\Downloads\SamsungUniversalPrintDriver3XPS.exe
2016-10-01 22:43 - 2016-10-01 22:43 - 00632904 _____ (O&O Software GmbH) C:\Users\hannibla34\Downloads\OOSU10.exe
2016-10-01 20:50 - 2016-10-01 20:50 - 16581414 _____ C:\Users\hannibla34\Downloads\Jilet Ayse, Ich bin voooll sauer !!!.mp4
2016-10-01 20:22 - 2016-10-22 15:53 - 00036747 _____ C:\Users\hannibla34\Documents\Berlin.odt
2016-10-01 20:07 - 2016-10-01 20:07 - 00502496 _____ C:\Users\hannibla34\Downloads\bezirksregionen_und_prognoseraume.pdf
2016-10-01 18:57 - 2016-10-01 18:57 - 09072300 _____ C:\Users\hannibla34\Downloads\kurzzusammenfassung_bzrp.pdf
2016-10-01 18:54 - 2016-10-01 18:54 - 09794166 _____ C:\Users\hannibla34\Downloads\wie-liest-man-ein-bezirksregionenprofil.pdf
2016-10-01 00:37 - 2016-10-01 00:37 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.2.lnk
2016-10-01 00:37 - 2016-10-01 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2016-09-30 22:48 - 2016-09-30 22:48 - 00108236 _____ C:\Users\hannibla34\Downloads\Nutzungsvereinbarung+Postfach(1).pdf
2016-09-30 22:46 - 2016-10-23 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-30 22:46 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-30 22:46 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 22:46 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-30 22:46 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 22:46 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 22:46 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-30 22:46 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 22:46 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 22:46 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 22:46 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-30 22:46 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-30 22:46 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 22:46 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 22:46 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 22:46 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-30 22:46 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 22:46 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-30 22:46 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 22:46 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 22:46 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 22:46 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 22:46 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 22:46 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-30 22:46 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 22:46 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-30 22:46 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 22:46 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 22:46 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 22:46 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-30 22:46 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-30 22:46 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-30 22:46 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-30 22:46 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-30 22:46 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 22:46 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-30 22:46 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 22:46 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 22:46 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 22:46 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-30 22:46 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 22:46 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 22:46 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 22:46 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 22:46 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 22:46 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 22:46 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-30 22:46 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-30 22:46 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 22:46 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 22:46 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 22:46 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 22:46 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-30 22:46 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 22:46 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-30 22:46 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 22:46 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-30 22:46 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 22:46 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 22:46 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-30 22:46 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 22:46 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 22:46 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 22:46 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 22:46 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-30 22:46 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 22:46 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-30 22:46 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-30 22:46 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 22:46 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 22:46 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 22:46 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 22:46 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 22:46 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 22:46 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-30 22:46 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 22:46 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 22:46 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 22:46 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 22:46 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 22:46 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 22:46 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 22:46 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 22:46 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-30 22:46 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 22:46 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-30 22:46 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 22:46 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 22:46 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 22:46 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-30 22:46 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 22:46 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 22:45 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-30 22:45 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 22:45 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 22:45 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-30 22:45 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 22:45 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 22:45 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 22:45 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 22:45 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 22:45 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-30 22:45 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-30 22:45 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 22:45 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 22:45 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 22:45 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 22:45 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 22:45 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 22:45 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 22:45 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-30 22:45 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 22:45 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-30 22:45 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-30 22:45 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-30 22:45 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-30 22:45 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 22:45 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-30 22:45 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 22:45 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 22:45 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 22:45 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 22:45 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-30 22:45 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-30 22:45 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-30 22:45 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 22:45 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-30 22:45 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 22:45 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-30 22:45 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 22:45 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 22:45 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 22:45 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 22:45 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 22:45 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 22:45 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 22:45 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 22:45 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 22:45 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 22:45 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 22:45 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 22:45 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 22:45 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 22:45 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 22:45 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 22:45 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 22:45 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 22:45 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 22:45 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 22:45 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 22:45 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 22:45 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 22:45 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 22:45 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 22:45 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 22:45 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 22:45 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 22:45 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 22:45 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 22:45 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-30 22:45 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 22:45 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-30 22:45 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 22:45 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 22:45 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 22:45 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 22:45 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 22:45 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-30 22:45 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 22:45 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 22:45 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 22:45 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 22:45 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 22:45 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 22:45 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 22:45 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 22:45 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 22:45 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 22:45 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 22:45 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 22:45 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 22:45 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 22:45 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-30 22:45 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 22:43 - 2016-09-30 22:43 - 00108236 _____ C:\Users\hannibla34\Downloads\Nutzungsvereinbarung+Postfach.pdf
2016-09-30 22:23 - 2016-09-30 22:23 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 10:55 - 2016-09-04 06:24 - 00723780 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-23 10:55 - 2016-09-04 06:24 - 00163756 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-23 10:55 - 2016-06-11 13:27 - 01953950 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-23 10:48 - 2016-09-03 20:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-23 10:48 - 2016-09-03 20:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-23 10:48 - 2016-09-03 20:32 - 00350896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-23 10:48 - 2016-09-03 20:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-23 10:48 - 2014-11-28 17:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 23:16 - 2014-11-08 16:23 - 00036654 _____ C:\Users\hannibla34\Documents\Malware.odt
2016-10-22 20:07 - 2016-07-05 15:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-22 20:07 - 2016-07-05 15:02 - 00000000 ____D C:\Users\hannibla34\Desktop\mbar
2016-10-22 19:22 - 2015-01-24 18:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-22 19:22 - 2015-01-24 18:06 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-22 19:20 - 2016-06-27 17:17 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-22 19:20 - 2014-10-22 18:25 - 00000000 ____D C:\ProgramData\Oracle
2016-10-22 17:27 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-22 17:10 - 2016-09-04 15:16 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\IObit
2016-10-22 17:10 - 2016-09-04 15:16 - 00000000 ____D C:\Program Files (x86)\IObit
2016-10-22 17:10 - 2014-05-17 08:21 - 00000000 ____D C:\ProgramData\IObit
2016-10-22 16:57 - 2014-11-25 18:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-10-22 15:40 - 2016-09-03 20:49 - 00002064 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-10-21 16:16 - 2015-03-08 16:27 - 00000000 ____D C:\Users\hannibla34\Downloads\Diverse Scans
2016-10-21 00:34 - 2014-05-16 05:10 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\vlc
2016-10-20 15:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-20 11:39 - 2014-11-30 01:14 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-10-20 11:39 - 2014-11-30 01:14 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-10-20 11:32 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-20 11:32 - 2014-05-14 22:38 - 00000000 ____D C:\Users\hannibla34\AppData\Local\Packages
2016-10-18 22:34 - 2015-11-06 23:51 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-18 22:34 - 2014-05-19 01:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-18 17:45 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-16 23:34 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-10-16 21:06 - 2014-05-16 04:59 - 00000000 ___RD C:\Users\hannibla34\Documents\Eigene Dateien
2016-10-16 16:04 - 2016-09-03 20:49 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-16 16:04 - 2015-11-06 23:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-15 15:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 23:44 - 2014-11-10 17:30 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Everything
2016-10-13 23:27 - 2014-11-10 17:30 - 00000000 ____D C:\Program Files\Everything
2016-10-13 22:41 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-13 13:54 - 2016-09-03 18:48 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-10-13 13:50 - 2014-06-09 15:30 - 00000000 ____D C:\AdwCleaner
2016-10-13 13:45 - 2014-11-24 20:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-12 23:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-12 23:25 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-12 22:38 - 2016-04-27 08:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 13:07 - 2014-05-15 02:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 12:57 - 2014-05-15 02:57 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 11:59 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-12 11:59 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 11:17 - 2016-09-02 21:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-10 21:46 - 2016-09-03 20:35 - 00319059 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2016-10-10 21:46 - 2016-09-03 20:35 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2016-10-10 21:46 - 2016-09-03 20:35 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2016-10-10 21:46 - 2016-09-03 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-10-10 21:45 - 2014-12-11 15:15 - 05220360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-10-10 21:45 - 2014-12-11 15:15 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-10-10 21:45 - 2014-12-11 15:15 - 03133152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-10-10 21:45 - 2014-12-11 15:15 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-10-10 21:45 - 2014-12-11 15:15 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-10-10 21:41 - 2016-03-28 22:01 - 00202848 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-03 16:10 - 2014-05-19 04:05 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\TV-Browser
2016-10-03 00:18 - 2015-03-25 14:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-10-03 00:17 - 2015-03-25 14:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-10-03 00:14 - 2016-09-03 20:35 - 00000000 ____D C:\ProgramData\Samsung
2016-10-03 00:10 - 2015-03-24 20:30 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Samsung
2016-10-02 14:30 - 2016-09-03 20:39 - 00000000 ____D C:\Users\hannibla34
2016-10-02 14:28 - 2016-09-03 20:59 - 00002890 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-01 18:56 - 2015-11-06 23:38 - 00002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-10-01 00:37 - 2016-05-15 00:36 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-09-30 22:27 - 2016-09-03 18:48 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-30 22:23 - 2016-09-03 20:49 - 00003994 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1472921408

==================== Files in the root of some directories =======

2014-06-19 14:54 - 2014-06-19 14:54 - 0000024 _____ () C:\Users\hannibla34\AppData\Roaming\temp.ini
2016-09-03 20:35 - 2016-09-03 20:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-18 00:08

==================== End of FRST.txt ============================
         

Edited by deeprybka (23.10.2016 at 12:51). Reason: CODE tags

Old 23.10.2016, 11:01   #5
krautsand
 

Hello Jürgen,

thank you very much for the quick reply.

I split FRST.txt into two parts because the file was too long. Now here is Addition.txt as well.

I hope it is not too confusing...


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by hannibla34 (23-10-2016 11:09:42)
Running from C:\Users\hannibla34\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-03 18:55:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-903397656-3433550281-814490945-500 - Administrator - Disabled)
BitBox (S-1-5-21-903397656-3433550281-814490945-1006 - Limited - Enabled)
DefaultAccount (S-1-5-21-903397656-3433550281-814490945-503 - Limited - Disabled)
Guest (S-1-5-21-903397656-3433550281-814490945-501 - Limited - Disabled)
hannibla34 (S-1-5-21-903397656-3433550281-814490945-1002 - Administrator - Enabled) => C:\Users\hannibla34
HomeGroupUser$ (S-1-5-21-903397656-3433550281-814490945-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.15.6362.54439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.15.6362.54439 - Alcor Micro Corp.) Hidden
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Atomuhr (HKLM-x32\...\{F5CEAB8C-19F8-4A29-9977-FED8D5DE6D31}) (Version: 1.0.1 - A. Weintrub)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 7.0.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Elegant-Treiber Paket (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09.02.2015) - Samsung Electronics Co., Ltd.)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.4.530 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.11.55 - Huawei Technologies Co.,Ltd)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LibreOffice 5.2 Help Pack (German) (HKLM-x32\...\{C7DC16A3-8C61-434B-978E-8428AB3D8841}) (Version: 5.2.2.2 - The Document Foundation)
LibreOffice 5.2.2.2 (HKLM-x32\...\{69751441-D5E0-4668-893F-CB797B082D09}) (Version: 5.2.2.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version:  - )
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyMicroBalance (HKLM-x32\...\{4B393BCF-3540-4B42-92BA-50E795066E9E}) (Version: 1.0.8 - G4BI)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Öko-Treiber Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.06.00 (05.02.2015) - Samsung Electronics Co., Ltd.)
Power8 (HKLM-x32\...\{AEE2067B-73CC-4322-AF5A-1DA86E448E26}) (Version: 1.4.4.628 - Power8 team)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 1.9.14.7431 - Medixant)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7891 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.01.05 (11.02.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.65 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.01.28 (04.02.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.79:03 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TV-Browser 3.4.3 (HKLM-x32\...\tvbrowser) (Version: 3.4.3 - TV-Browser Team)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.8 - Samsung Electronics CO., LTD.)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.807 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{F6B7AD1A-FC00-424A-AB50-EA4E5FBC432E}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\{AF2519A0-3640-41DB-BF30-DB6C108A99C9}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{F0A14325-834A-4ADD-BAFA-B5DF0F64030A}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-903397656-3433550281-814490945-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A066C6B-000F-4A65-AB9B-6940BFDD45EE} - \WPD\SqmUpload_S-1-5-21-903397656-3433550281-814490945-1002 -> No File <==== ATTENTION
Task: {11A106BC-5E5D-4789-BBAB-CD159B4C10B6} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
Task: {1453CCEC-DBF6-4839-B77F-B64E654D8D4C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe [2016-09-20] (IObit)
Task: {297DAC8B-1DB2-4C0B-BA90-C616C1838BBC} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2C4B8AC4-41CD-4956-9654-ECD4767FAFCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D794281-38B0-461B-82BA-E2A1CD5DE3B5} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe
Task: {5A2A982A-166B-49F7-A113-8BF12659A15C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {5A76CF45-2D4E-4A09-B384-281D30AD08DC} - System32\Tasks\SafeZone scheduled Autoupdate 1472921408 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {61C7433A-6719-492E-ABC8-F1CCA2F5124A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-03] (Microsoft Corporation)
Task: {67BCD63F-C426-48B9-AB83-F4958604E0A3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {682ED690-9AA9-4011-8360-8CD47E349B7E} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe
Task: {7573CD68-1982-4AFA-A8EC-18CF7A97813B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {943CEA94-5761-4155-AFA3-1EB3121998FD} - System32\Tasks\Driver Booster SkipUAC (hannibla34) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe [2016-10-09] (IObit)
Task: {96F795F7-8D05-4776-AC3A-E3ABEE04EAA3} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {A33C8CF8-61C4-411D-A666-FBD2C121882D} - System32\Tasks\{74D991CE-FE24-45B1-8499-0E6137032053} => pcalua.exe -a I:\PCgo.exe -d I:\
Task: {A9F02C50-0AFA-4774-B298-FC5361AB621B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B2029956-DCB4-4CE2-AC14-D8BA7ACD36D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-03] (AVAST Software)
Task: {BDF00A52-C0D9-45F9-8834-8BF0B6D40019} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {CF263EF5-FD80-4F25-829D-36AA646DD609} - System32\Tasks\SafeZone scheduled Autoupdate 1462468405 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {DC525F3D-6C6F-4FA6-B0F0-3E27BE7AD911} - System32\Tasks\SafeZone scheduled Autoupdate 1446846246 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EB67DF33-164F-4629-AC42-B12D81FA3FD8} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-03-08] ()
Task: {F000F819-307A-4023-B2F2-518FC8F572A8} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-03 20:35 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-25 14:50 - 2011-05-11 09:38 - 00034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2015-02-20 09:01 - 2015-02-20 09:01 - 00022528 _____ () C:\WINDOWS\System32\us001lm.dll
2016-09-04 15:21 - 2016-09-04 15:21 - 00022528 _____ () C:\WINDOWS\System32\us003lm.dll
2015-03-18 00:16 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00022528 _____ () C:\WINDOWS\System32\ux003lm.dll
2014-01-15 05:42 - 2014-01-15 05:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-10-03 00:15 - 2016-08-17 13:43 - 00499000 ____N () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N () C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
2016-09-02 22:25 - 2016-08-26 01:27 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2015-07-13 14:25 - 2014-04-26 08:15 - 00682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2016-09-02 22:25 - 2016-08-26 01:27 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-03 20:58 - 2016-09-03 20:58 - 01864384 _____ () C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-16 21:01 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-06 14:37 - 2014-12-05 16:32 - 00420352 _____ () C:\WINDOWS\system32\SaMinDrv.dll
2014-07-25 06:36 - 2014-09-18 07:08 - 00087552 ____N () C:\WINDOWS\system32\ssdevm64.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-22 14:35 - 2016-10-22 14:35 - 03121496 _____ () C:\Program Files\AVAST Software\Avast\defs\16102200\algo.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-03 00:17 - 2015-01-24 12:22 - 03029504 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll
2015-07-13 14:25 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-07-13 14:25 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-07-13 14:25 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-07-13 14:25 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-22 19:40 - 2016-09-22 19:40 - 00404072 _____ () C:\Program Files (x86)\LibreOffice 5\program\glew32.dll
2016-09-22 19:40 - 2016-09-22 19:40 - 01034856 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxml2.dll
2016-09-22 19:40 - 2016-09-22 19:40 - 00182888 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxslt.dll
2016-09-22 19:41 - 2016-09-22 19:41 - 00116328 _____ () C:\Program Files (x86)\LibreOffice 5\program\python3.dll
2016-09-22 17:51 - 2016-09-22 17:51 - 00049152 _____ () C:\Program Files (x86)\LibreOffice 5\program\python-core-3.3.0\lib\_socket.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-01-14 23:41 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-903397656-3433550281-814490945-1002\Control Panel\Desktop\\Wallpaper -> M:\Eigene Bilder\Erinnerungsbilder\Erfurt\Erfurt,Zitadelle_Petersberg_Blick auf den Dom 12 10 2005.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 1) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Virtual Router Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\StartupFolder: => "Mediencenter.lnk"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "STUISpeedLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2BD4D7B5-DD63-4BC7-9384-C72F89C0FAE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB8C9A5-61DD-41DB-884A-A29DEAAB110E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F3B173FD-48B9-4C88-8DA4-C0412B157101}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F8D91D5E-440A-4E2C-B587-4CC89B00C677}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{85D04301-5F0D-424A-B051-E6E6CF4B1CBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4AC1FB1D-7F9B-4C69-8402-4ECBA01930EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5EDF4ED2-3246-45B2-B324-A9488D8605D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{53A1FC65-895D-45F8-B707-AC83F4B18967}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{EC5639B7-2D30-4A6A-BB83-7744B9B18B7F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{1ED2484A-115E-4946-981A-C7D037D1DDB8}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{1652476E-D0C9-455E-9E33-A60BFA10A4D6}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{02F04B9A-39AF-4BEF-A26C-CEF32CB3B375}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{93FEABAA-39E9-4487-9F9D-6A14A93D31CE}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{5069CF40-BA57-4F69-A55F-319E45BB68F8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{249028FF-C75C-4570-B25F-99840B60C0E6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{7C97C9DD-51EE-4325-B34B-48EB52E379BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E74E2DF-29F9-4BB9-9D1E-39815BE93D90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BDD97E84-B3F2-4AC2-A965-5A57EB526806}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{48A74F90-3968-4D51-AD6C-2D4F95BDAE31}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6DBFFF39-151E-4B34-9907-0EA233AF3ADD}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe
FirewallRules: [{B008319C-E487-4D78-8821-13F71D9998C0}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe
FirewallRules: [{A9208BC0-AA6E-4909-B2B4-D434439C7EA9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0F9FA671-1DC0-45EB-819E-528AB89430A2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7D2466FB-46A8-4D2E-BD79-08317AF67F81}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{4BFC0FE8-ED6E-45C0-9F24-18BF503196F8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{A07D1881-6060-43AA-AC30-F95C686B9CC9}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{95E7027C-EC3B-49D0-AC3A-872CDA002A07}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{66B3817A-E1D3-4CFB-B9E4-DA4B0A2340B9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{82327C54-E27D-46CF-9FE1-6EAA21918F27}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D2DE1A0F-D57F-4EFE-B1F1-8A71F859BB7D}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{987A45CE-06E7-415A-939F-1D42AA1F993F}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{4DF55BA5-C96C-4506-93DE-09A2D5B72BB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56D60ED2-CA60-461A-B78E-702F1F4745A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82BC4EB4-4B38-4E8A-B5B3-B5616F5DB75C}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{0E93B86F-46D9-4C8D-89A6-3060A3399F0D}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{5F0D6BD9-6BAD-4421-A9A3-9646613631E2}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{FC2E148E-CBEA-4A14-BBB0-01E73798FFE2}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{5C198E3B-3A0D-4A5F-907D-A198FA71E845}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{8746A8A2-7EBB-4B60-A501-8FF18AC09EED}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{60FFA804-EB35-4F02-BBF3-2651469ED108}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe
FirewallRules: [{5F60920A-5815-4CC6-9727-E827F2AADB4C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe
FirewallRules: [{F59D476F-7007-40B9-8C2E-A58D28386280}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{06763CB0-041C-4042-9A8A-B679B952A5AA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{D2BB22C8-8490-4E8B-BBA7-AA1637ACBBF6}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe
FirewallRules: [{605FB5CF-67AC-47E0-9BD1-AB8554A65967}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe
FirewallRules: [{74DD5E0B-6F8E-4C36-BAA7-DEB24E7191C8}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe
FirewallRules: [{A51167BD-9A93-4A08-ABBC-0A03B019C7B5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{F5CB9172-4B3F-4D14-B043-764CB83A7B80}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{13DF45BD-9916-46BE-91A5-47936BEB8D57}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{A6D5CD38-58F5-4C76-99A3-FBDBCB55AE25}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{0D20E601-268F-4BC7-AC2F-61C930A60F23}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5247658C-ED72-4282-B471-A4C5720D7AE3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{EE6DCB97-CD2B-4456-B5C7-D1A4968BB984}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0F4E40E-E062-4F6D-A3DB-E24675A7F249}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A87196E9-0F75-4613-88E1-90D4CA93EB9C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{A1A08825-F6C3-4A46-B445-6E37ED5D8E79}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{90E160A7-B178-4760-A676-A8BE85BC2B6B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{C1CFDCBD-D253-49EA-B4C6-F41AB42C9189}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{7CF87A20-5252-4E56-B105-6579047CC535}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [{BED1C8EA-F20F-4855-A7A6-0BCD5F789336}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe

==================== Restore Points =========================

17-10-2016 14:59:59 JRT Pre-Junkware Removal
17-10-2016 15:01:23 JRT Pre-Junkware Removal
20-10-2016 11:48:04 Installed Oracle VM VirtualBox 5.0.20_Sirrix
21-10-2016 16:12:59 Installed Oracle VM VirtualBox 5.0.20_Sirrix
22-10-2016 16:56:05 Removed Java 8 Update 101
22-10-2016 17:05:07 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/22/2016 11:41:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (708) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (10/22/2016 11:41:57 PM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (708) testing: Der Versuch, die Datei "C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/22/2016 10:01:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (6344) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (10/22/2016 10:01:25 PM) (Source: ESENT) (EventID: 490) (User: )
Description: CCleaner64 (6344) testing: Der Versuch, die Datei "C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/22/2016 08:15:44 PM) (Source: MsiInstaller) (EventID: 11714) (User: wo)
Description: Product: Oracle VM VirtualBox 5.0.20_Sirrix -- Error 1714. The older version of Oracle VM VirtualBox 5.0.20_Sirrix cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/22/2016 08:15:42 PM) (Source: MsiInstaller) (EventID: 11714) (User: wo)
Description: Product: Oracle VM VirtualBox 5.0.20_Sirrix -- Error 1714. The older version of Oracle VM VirtualBox 5.0.20_Sirrix cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/22/2016 08:15:40 PM) (Source: MsiInstaller) (EventID: 11714) (User: wo)
Description: Product: Oracle VM VirtualBox 5.0.20_Sirrix -- Error 1714. The older version of Oracle VM VirtualBox 5.0.20_Sirrix cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/22/2016 08:15:38 PM) (Source: MsiInstaller) (EventID: 11714) (User: wo)
Description: Product: Oracle VM VirtualBox 5.0.20_Sirrix -- Error 1714. The older version of Oracle VM VirtualBox 5.0.20_Sirrix cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/22/2016 08:15:22 PM) (Source: MsiInstaller) (EventID: 11714) (User: wo)
Description: Product: Oracle VM VirtualBox 5.0.20_Sirrix -- Error 1714. The older version of Oracle VM VirtualBox 5.0.20_Sirrix cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (10/22/2016 08:12:14 PM) (Source: ESENT) (EventID: 454) (User: )
Description: CCleaner64 (7780) testing: Unerwarteter Fehler "-1032" bei der Datenbankwiederherstellung.


System errors:
=============
Error: (10/23/2016 10:51:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/23/2016 10:51:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst gupdate erreicht.

Error: (10/23/2016 10:51:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/23/2016 10:49:38 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/23/2016 10:49:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/23/2016 10:49:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (10/23/2016 10:48:03 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841095488

Error: (10/23/2016 10:48:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10/‎22/‎2016 um 11:31:22 PM unerwartet heruntergefahren.

Error: (10/22/2016 08:24:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/19/2016 01:34:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 8131.29 MB
Available physical RAM: 5921.2 MB
Total Virtual: 9411.29 MB
Available Virtual: 7004.46 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:37.9 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.71 GB) (Free:739.5 GB) NTFS
Drive f: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:7.47 GB) (Free:6.46 GB) FAT32
Drive i: (DVD1) (CDROM) (Total:4.06 GB) (Free:0 GB) UDF
Drive m: (SAMSUNG) (Fixed) (Total:596.02 GB) (Free:179.35 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 74A7F63F)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: F4CF956B)
Partition 1: (Active) - (Size=596.2 GB) - (Type=0C)

==================== End of Addition.txt ============================
         


23.10.2016, 12:54   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Click Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

28.10.2016, 19:58   #7
krautsand

Hello Jürgen,

No infected objects were found.

Regards,

krautsand

29.10.2016, 15:31   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru

Please post the log as described. This also applies to all further steps and logs.
__________________
Regards,
deeprybka

29.10.2016, 16:17   #9
krautsand

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
Ran by hannibla34 (administrator) on WO (29-10-2016 17:06:37)
Running from C:\Users\hannibla34\Downloads
Loaded Profiles: hannibla34 (Available Profiles: hannibla34)
Platform: Windows 10 Home Version 1607 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\spdsvc.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8902664 2016-10-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1467400 2016-10-29] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-08] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767944 2016-08-26] (NVIDIA Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9099440 2016-10-28] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\RunOnce: [Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\JonDo.lnk [2016-10-16]
ShortcutTarget: JonDo.lnk -> C:\Program Files (x86)\JonDo\JonDo.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2016-10-03]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{08cc1ffa-e995-4050-bae0-a889450459c4}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{254b7778-8ee2-4215-b214-3ed75a8c8c16}: [NameServer] 10.74.210.210 10.74.210.211

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\j 1\bin\ssv.dll [2016-10-22] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\j 1\bin\jp2ssv.dll [2016-10-22] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: pw7v4dn5.default-1422187340623
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623 [2016-10-29]
FF NetworkProxy: Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623 -> type", 4
FF Extension: (Adblock Plus Pop-up Addon) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\adblockpopups@jessehakanen.net.xpi [2016-05-04]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\de-AT@dictionaries.addons.mozilla.org [2016-01-30]
FF Extension: (Element Hiding Helper for Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\elemhidehelper@adblockplus.org.xpi [2016-10-28]
FF Extension: (FoxyProxy Standard) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\foxyproxy@eric.h.jung [2016-09-02]
FF Extension: (Privacy Badger) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2016-10-16]
FF Extension: (YouTube™ HD Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\jid1-wkCmfgboni3B1Q@jetpack.xpi [2016-01-30]
FF Extension: (SQLite Manager) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-05-04]
FF Extension: (uBlock Origin) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\uBlock0@raymondhill.net.xpi [2016-10-28]
FF Extension: (EPUBReader) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2016-09-02]
FF Extension: (Video DownloadHelper) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\duckduckgo-de.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\duckduckgo-html.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\dudende-suche.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl-1.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl-de.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\google-ssl.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\googletranslate.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\ixquick-https.xml [2015-01-25]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\pw7v4dn5.default-1422187340623\searchplugins\metager.xml [2015-01-25]
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox [2016-10-29]
FF NewTab: Mozilla\Firefox\Profiles\JonDoFox -> about:blank
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\JonDoFox -> Startpage HTTPS
FF Homepage: Mozilla\Firefox\Profiles\JonDoFox -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ftp_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> gopher_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> http_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> ssl_port", 4001
FF NetworkProxy: Mozilla\Firefox\Profiles\JonDoFox -> type", 1
FF Extension: (HTTPS-Everywhere) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2016-10-16]
FF Extension: (Adblock Plus) - C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-16]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2016-03-14]
FF SearchPlugin: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2016-03-14]
FF ProfilePath: C:\Users\hannibla34\AppData\Roaming\Mozilla\Firefox\Profiles\8w8h0nsx.Standard-Benutzer [2016-10-29]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-29] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\j 1\bin\dtplugin\npDeployJava1.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\j 1\bin\plugin2\npjp2.dll [2016-10-22] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-903397656-3433550281-814490945-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2014-02-17] (Tracker Software Products (Canada) Ltd.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-03] (AVAST Software)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-08-26] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682064 2014-04-26] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-08-26] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-08-26] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-08-26] (NVIDIA Corporation)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [633024 2015-02-04] (Samsung Electronics Co., Ltd.)
R2 Samsung Printer Dianostics Service; C:\WINDOWS\SysWOW64\\spdsvc.exe [499000 2016-08-17] ()
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe [143664 2016-10-03] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-16] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-03] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2015-01-01] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [542672 2016-10-10] (Intel Corporation)
S3 huawei_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys [248320 2014-08-21] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS [27552 2016-09-04] (REALiX(tm))
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
S3 MEMSWEEP2; C:\Windows\system32\2284.tmp [6144 2009-06-18] (Sophos Plc) [File not signed]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys [14216760 2016-08-27] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-08-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56376 2016-08-26] (NVIDIA Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42600 2016-09-04] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 17:06 - 2016-10-29 17:06 - 00000000 ____D C:\Users\hannibla34\Downloads\FRST-OlderVersion
2016-10-29 11:13 - 2016-10-29 11:13 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-10-29 11:13 - 2016-10-29 11:13 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 07101220 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-10-29 11:13 - 2016-10-29 11:13 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 03291320 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 03133848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-10-29 11:13 - 2016-10-29 11:13 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 02050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 01166168 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00708320 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00678192 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00677680 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00253872 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00088320 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2016-10-29 11:13 - 2016-10-29 11:13 - 00075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2016-10-29 11:10 - 2016-10-29 11:13 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-10-29 11:10 - 2016-10-29 11:10 - 00041952 _____ C:\WINDOWS\system32\AmUStor.ini
2016-10-29 11:10 - 2016-10-29 11:10 - 00000640 _____ C:\WINDOWS\system32\VendorCmd6435.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000124 _____ C:\WINDOWS\system32\VendorCmd6485_SetSSC.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000032 _____ C:\WINDOWS\system32\VendorCommand_MS1bit.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000032 _____ C:\WINDOWS\system32\VendorCmd6485.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000032 _____ C:\WINDOWS\system32\VendorCmd6465.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000008 _____ C:\WINDOWS\system32\CardDetect6485.bin
2016-10-29 11:10 - 2016-10-29 11:10 - 00000008 _____ C:\WINDOWS\system32\CardDetect6339.bin
2016-10-28 21:02 - 2016-10-15 07:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 21:02 - 2016-10-15 06:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 21:02 - 2016-10-15 06:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 21:02 - 2016-10-15 06:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 21:02 - 2016-10-15 06:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 21:02 - 2016-10-15 06:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 21:02 - 2016-10-15 06:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 21:02 - 2016-10-15 06:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 21:02 - 2016-10-15 06:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 21:02 - 2016-10-15 06:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 21:02 - 2016-10-15 06:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 21:02 - 2016-10-15 06:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 21:02 - 2016-10-15 06:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 21:02 - 2016-10-15 06:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 21:02 - 2016-10-15 06:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 21:02 - 2016-10-15 06:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 21:02 - 2016-10-15 06:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 21:02 - 2016-10-15 06:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 21:02 - 2016-10-15 06:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 21:02 - 2016-10-15 06:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 21:02 - 2016-10-15 06:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 21:02 - 2016-10-15 06:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 21:02 - 2016-10-15 06:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 21:02 - 2016-10-15 06:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 21:02 - 2016-10-15 06:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 21:02 - 2016-10-15 06:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 21:02 - 2016-10-15 06:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 21:02 - 2016-10-15 06:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 21:02 - 2016-10-15 06:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 21:02 - 2016-10-15 06:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 21:02 - 2016-10-15 06:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 21:02 - 2016-10-15 06:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 21:02 - 2016-10-15 06:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 21:02 - 2016-10-15 06:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 21:02 - 2016-10-15 06:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 21:02 - 2016-10-15 06:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 21:02 - 2016-10-15 06:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 21:02 - 2016-10-15 06:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 21:02 - 2016-10-15 06:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 21:02 - 2016-10-15 06:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 21:02 - 2016-10-15 06:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 21:02 - 2016-10-15 06:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 21:02 - 2016-10-15 06:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 21:02 - 2016-10-15 06:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 21:02 - 2016-10-15 06:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 21:02 - 2016-10-15 06:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 21:02 - 2016-10-15 06:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 21:02 - 2016-10-15 06:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 21:02 - 2016-10-15 06:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 21:02 - 2016-10-15 06:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 21:02 - 2016-10-15 06:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 21:02 - 2016-10-15 06:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 21:02 - 2016-10-15 06:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 21:02 - 2016-10-15 06:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 21:02 - 2016-10-15 05:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 21:02 - 2016-10-15 05:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 21:02 - 2016-10-15 05:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 21:02 - 2016-10-15 05:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 21:02 - 2016-10-15 05:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 21:02 - 2016-10-15 05:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 21:02 - 2016-10-15 05:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 21:02 - 2016-10-15 05:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 21:02 - 2016-10-15 05:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 21:02 - 2016-10-15 05:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 21:02 - 2016-10-15 05:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 21:02 - 2016-10-15 05:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 21:02 - 2016-10-15 05:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 21:02 - 2016-10-15 05:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 21:02 - 2016-10-15 05:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 21:02 - 2016-10-15 05:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 21:02 - 2016-10-15 05:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 21:02 - 2016-10-15 05:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 21:02 - 2016-10-15 05:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 21:02 - 2016-10-15 05:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 21:02 - 2016-10-15 05:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 21:02 - 2016-10-15 05:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 21:02 - 2016-10-15 05:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 21:02 - 2016-10-15 05:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 21:02 - 2016-10-15 05:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 21:02 - 2016-10-15 05:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 21:02 - 2016-10-15 05:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 21:02 - 2016-10-15 05:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 21:02 - 2016-10-15 05:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 21:02 - 2016-10-15 05:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 21:02 - 2016-10-15 05:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 21:02 - 2016-10-15 05:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 21:02 - 2016-10-15 05:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 21:02 - 2016-10-15 05:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 21:02 - 2016-10-15 05:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 21:02 - 2016-10-15 05:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 21:02 - 2016-10-15 05:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 21:02 - 2016-10-15 05:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 21:02 - 2016-10-15 05:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 21:02 - 2016-10-15 05:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 21:02 - 2016-10-15 05:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 21:02 - 2016-10-15 05:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 21:02 - 2016-10-15 05:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 21:02 - 2016-10-15 05:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 21:02 - 2016-10-15 05:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 21:02 - 2016-10-15 05:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 21:02 - 2016-10-15 05:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 21:02 - 2016-10-15 05:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 21:02 - 2016-10-15 05:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 21:02 - 2016-10-15 05:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 21:02 - 2016-10-15 05:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 21:02 - 2016-10-15 05:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 21:02 - 2016-10-15 05:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 21:02 - 2016-10-15 05:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 21:02 - 2016-10-15 05:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 21:02 - 2016-10-15 05:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 21:02 - 2016-10-15 05:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 21:02 - 2016-10-15 05:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 21:02 - 2016-10-15 05:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 21:02 - 2016-10-15 05:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 21:02 - 2016-10-15 05:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 21:02 - 2016-10-15 05:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 21:02 - 2016-10-15 05:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 21:02 - 2016-09-10 15:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 21:02 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 21:02 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-28 21:01 - 2016-10-15 06:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 21:01 - 2016-10-15 06:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 21:01 - 2016-10-15 06:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 21:01 - 2016-10-15 06:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 21:01 - 2016-10-15 06:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 21:01 - 2016-10-15 06:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 21:01 - 2016-10-15 06:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 21:01 - 2016-10-15 06:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 21:01 - 2016-10-15 06:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 21:01 - 2016-10-15 06:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 21:01 - 2016-10-15 06:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 21:01 - 2016-10-15 06:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 21:01 - 2016-10-15 06:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 21:01 - 2016-10-15 06:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 21:01 - 2016-10-15 06:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 21:01 - 2016-10-15 06:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 21:01 - 2016-10-15 06:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 21:01 - 2016-10-15 06:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 21:01 - 2016-10-15 06:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 21:01 - 2016-10-15 06:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 21:01 - 2016-10-15 06:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 21:01 - 2016-10-15 06:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 21:01 - 2016-10-15 06:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 21:01 - 2016-10-15 06:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 21:01 - 2016-10-15 06:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 21:01 - 2016-10-15 06:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 21:01 - 2016-10-15 05:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 21:01 - 2016-10-15 05:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 21:01 - 2016-10-15 05:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 21:01 - 2016-10-15 05:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 21:01 - 2016-10-15 05:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 21:01 - 2016-10-15 05:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 21:01 - 2016-10-15 05:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 21:01 - 2016-10-15 05:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 21:01 - 2016-10-15 05:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 21:01 - 2016-10-15 05:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 21:01 - 2016-10-15 05:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 21:01 - 2016-10-15 05:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 21:01 - 2016-10-15 05:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 21:01 - 2016-10-15 05:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 21:01 - 2016-10-15 05:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 21:01 - 2016-10-15 05:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 21:01 - 2016-10-15 05:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 21:01 - 2016-10-15 05:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 21:01 - 2016-10-15 05:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 21:01 - 2016-10-15 05:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 21:01 - 2016-10-15 05:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 21:01 - 2016-10-15 05:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 21:01 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 21:01 - 2016-10-15 05:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 21:01 - 2016-10-15 05:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 21:01 - 2016-10-15 05:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 21:01 - 2016-10-15 05:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 21:01 - 2016-10-15 05:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 21:01 - 2016-10-15 05:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 21:01 - 2016-10-15 05:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 21:01 - 2016-10-15 05:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 21:01 - 2016-10-15 05:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 21:01 - 2016-10-15 05:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 21:01 - 2016-10-15 05:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 21:01 - 2016-10-15 05:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 21:01 - 2016-10-15 05:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 21:01 - 2016-10-15 05:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 21:01 - 2016-10-15 05:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 21:01 - 2016-10-15 05:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 21:01 - 2016-10-15 05:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 21:01 - 2016-10-15 05:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 21:01 - 2016-10-15 05:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 21:01 - 2016-10-15 05:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 21:01 - 2016-10-15 05:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 21:01 - 2016-10-15 05:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 21:01 - 2016-10-15 05:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 21:01 - 2016-10-15 05:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 21:01 - 2016-10-15 05:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 21:01 - 2016-10-15 05:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 20:54 - 2016-10-28 20:59 - 00088720 _____ C:\TDSSKiller.3.1.0.11_28.10.2016_20.54.36_log.txt
2016-10-28 20:52 - 2016-10-28 20:52 - 01474568 _____ C:\Users\hannibla34\Downloads\TDSSKiller - CHIP-Installer.exe
2016-10-23 11:09 - 2016-10-29 17:07 - 00024678 _____ C:\Users\hannibla34\Downloads\FRST.txt
2016-10-23 11:09 - 2016-10-23 11:10 - 00041323 _____ C:\Users\hannibla34\Downloads\Addition.txt
2016-10-23 10:58 - 2016-10-29 17:06 - 00000000 ____D C:\FRST
2016-10-23 10:57 - 2016-10-29 17:06 - 02408448 _____ (Farbar) C:\Users\hannibla34\Downloads\FRST64.exe
2016-10-22 23:38 - 2016-10-22 23:38 - 00010558 _____ C:\Users\hannibla34\Documents\Malware kurz.odt
2016-10-22 19:20 - 2016-10-22 19:20 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-10-22 19:20 - 2016-10-22 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-22 17:10 - 2016-10-29 17:05 - 00003032 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (hannibla34)
2016-10-22 17:10 - 2016-10-22 17:10 - 00003378 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-10-22 17:10 - 2016-10-22 17:10 - 00000000 ____D C:\ProgramData\ProductData
2016-10-22 14:35 - 2016-10-22 14:35 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\JonDo
2016-10-20 11:44 - 2016-10-20 11:44 - 00248343 _____ C:\Users\hannibla34\Downloads\Divi Basii Westfassade -Architekturzeichnung - Rekonstrukionsversuch der ursprünglichen Westfasade.jpeg
2016-10-20 11:40 - 2016-10-20 11:47 - 651661120 _____ (Sirrix AG) C:\Users\hannibla34\Downloads\Browser_In_The_Box.4.3.2-r211.firefox.Archive.exe
2016-10-18 22:43 - 2016-10-29 11:14 - 00002332 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-10-18 22:43 - 2016-10-22 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-10-16 15:46 - 2016-10-16 15:46 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
2016-10-16 15:41 - 2016-10-22 17:46 - 00000000 ____D C:\Program Files (x86)\JonDo
2016-10-16 15:41 - 2016-10-16 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JonDo
2016-10-13 23:27 - 2016-10-13 23:27 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2016-10-13 19:58 - 2016-10-13 19:59 - 00726048 _____ C:\Users\hannibla34\Downloads\Stadtwerdung im berliner Nordosten - urbanisierung zwischen 1820 und 1920 - Ausstellungskonzeption.pdf
2016-10-13 13:42 - 2016-10-13 13:42 - 03874368 _____ C:\Users\hannibla34\Downloads\adwcleaner_6.021.exe
2016-10-12 23:11 - 2016-10-12 23:11 - 00078589 _____ C:\Users\hannibla34\Downloads\108979_Lange_Nacht_der_Tasten.pdf
2016-10-12 12:15 - 2016-10-05 12:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-12 12:15 - 2016-10-05 12:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 12:15 - 2016-10-05 12:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-12 12:15 - 2016-10-05 12:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-12 12:15 - 2016-10-05 12:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-12 12:15 - 2016-10-05 12:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-12 12:15 - 2016-10-05 12:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-12 12:15 - 2016-10-05 12:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-12 12:15 - 2016-10-05 12:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-12 12:15 - 2016-10-05 11:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-12 12:15 - 2016-10-05 11:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-12 12:15 - 2016-10-05 11:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-12 12:15 - 2016-10-05 11:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-12 12:15 - 2016-10-05 11:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-12 12:15 - 2016-10-05 11:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-12 12:15 - 2016-10-05 11:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-12 12:15 - 2016-10-05 11:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 12:15 - 2016-10-05 11:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-12 12:15 - 2016-10-05 11:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-12 12:15 - 2016-10-05 11:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-12 12:15 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-12 12:15 - 2016-10-05 11:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 12:15 - 2016-10-05 11:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-12 12:15 - 2016-10-05 11:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-12 12:15 - 2016-10-05 11:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-12 12:15 - 2016-10-05 11:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-12 12:15 - 2016-10-05 11:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-12 12:15 - 2016-10-05 11:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-12 12:15 - 2016-10-05 11:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-12 12:15 - 2016-10-05 11:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-12 12:15 - 2016-10-05 11:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-12 12:15 - 2016-10-05 11:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-12 12:15 - 2016-10-05 11:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-12 12:15 - 2016-10-05 11:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-12 12:15 - 2016-10-05 11:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-12 12:15 - 2016-10-05 11:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-12 12:15 - 2016-10-05 11:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 12:15 - 2016-10-05 11:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-12 12:15 - 2016-10-05 11:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-12 12:15 - 2016-10-05 11:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 12:15 - 2016-10-05 11:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 12:15 - 2016-10-05 11:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-12 12:15 - 2016-10-05 11:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-12 12:15 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-12 12:15 - 2016-10-05 11:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-12 12:15 - 2016-10-05 11:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-12 12:15 - 2016-10-05 11:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 12:15 - 2016-10-05 11:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-12 12:15 - 2016-10-05 11:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-12 12:15 - 2016-10-05 11:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-12 12:15 - 2016-10-05 11:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-12 12:15 - 2016-10-05 11:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-12 12:15 - 2016-10-05 11:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-12 12:15 - 2016-10-05 11:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-12 12:15 - 2016-10-05 11:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-12 12:15 - 2016-10-05 11:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-12 12:15 - 2016-10-05 02:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 12:15 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-12 12:14 - 2016-10-05 12:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-12 12:14 - 2016-10-05 12:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 12:14 - 2016-10-05 12:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-12 12:14 - 2016-10-05 12:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-12 12:14 - 2016-10-05 12:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-12 12:14 - 2016-10-05 11:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-12 12:14 - 2016-10-05 11:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-12 12:14 - 2016-10-05 11:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 12:14 - 2016-10-05 11:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-12 12:14 - 2016-10-05 11:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-12 12:14 - 2016-10-05 11:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-12 12:14 - 2016-10-05 11:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-12 12:14 - 2016-10-05 11:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-12 12:14 - 2016-10-05 11:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-12 12:14 - 2016-10-05 11:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 12:14 - 2016-10-05 11:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-12 12:14 - 2016-10-05 11:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-12 12:14 - 2016-10-05 11:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 12:14 - 2016-10-05 11:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-12 12:14 - 2016-10-05 11:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 12:14 - 2016-10-05 11:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-12 12:14 - 2016-10-05 11:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-12 12:14 - 2016-10-05 11:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 12:14 - 2016-10-05 11:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-12 12:14 - 2016-10-05 11:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 12:14 - 2016-10-05 11:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-12 12:14 - 2016-10-05 11:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00542672 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\e1d65x64.sys
2016-10-10 21:41 - 2016-10-10 21:41 - 00125728 _____ (Intel Corporation) C:\WINDOWS\system32\NicCo4.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00090608 _____ (Intel Corporation) C:\WINDOWS\system32\NicInstD.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00075288 _____ (Intel Corporation) C:\WINDOWS\system32\e1dmsg.dll
2016-10-10 21:41 - 2016-10-10 21:41 - 00003130 _____ C:\WINDOWS\system32\e1d65x64.din
2016-10-03 00:18 - 2016-10-13 15:36 - 00002784 _____ C:\WINDOWS\System32\Tasks\EPM Preload
2016-10-03 00:18 - 2016-10-03 00:18 - 00000000 ____D C:\Program Files\Common Files\Common Desktop Agent
2016-10-03 00:17 - 2016-10-03 00:17 - 00000000 ____D C:\Users\hannibla34\AppData\Local\Samsung
2016-10-03 00:17 - 2016-10-03 00:17 - 00000000 ____D C:\Program Files\Samsung
2016-10-03 00:17 - 2015-01-24 12:22 - 03029504 ____N C:\WINDOWS\system32\DlgSearchEngine.dll
2016-10-03 00:15 - 2016-10-03 00:15 - 00002353 _____ C:\Users\Public\Desktop\Samsung Drucker-Diagnose.lnk
2016-10-03 00:15 - 2016-08-28 10:23 - 00018055 ____N C:\WINDOWS\SysWOW64\spddata.xml
2016-10-03 00:15 - 2016-08-17 13:43 - 00499000 ____N C:\WINDOWS\SysWOW64\spdsvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N C:\WINDOWS\system32\SecUPDUtilSvc.exe
2016-10-03 00:10 - 2016-08-17 07:41 - 02078208 ____N C:\WINDOWS\SysWOW64\DlgSearchEngine.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00089600 _____ (SS) C:\WINDOWS\system32\ux003ci.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00022528 _____ () C:\WINDOWS\system32\ux003lm.dll
2016-10-03 00:10 - 2015-02-04 06:41 - 00158016 _____ C:\WINDOWS\system32\ux003ci.exe
2016-10-03 00:05 - 2016-10-03 00:06 - 28455728 _____ C:\Users\hannibla34\Downloads\SamsungUniversalPrintDriver3XPS.exe
2016-10-01 22:43 - 2016-10-01 22:43 - 00632904 _____ (O&O Software GmbH) C:\Users\hannibla34\Downloads\OOSU10.exe
2016-10-01 20:50 - 2016-10-01 20:50 - 16581414 _____ C:\Users\hannibla34\Downloads\Jilet Ayse, Ich bin voooll sauer !!!.mp4
2016-10-01 20:22 - 2016-10-23 13:07 - 00036636 _____ C:\Users\hannibla34\Documents\Berlin.odt
2016-10-01 20:07 - 2016-10-01 20:07 - 00502496 _____ C:\Users\hannibla34\Downloads\bezirksregionen_und_prognoseraume.pdf
2016-10-01 18:57 - 2016-10-01 18:57 - 09072300 _____ C:\Users\hannibla34\Downloads\kurzzusammenfassung_bzrp.pdf
2016-10-01 18:54 - 2016-10-01 18:54 - 09794166 _____ C:\Users\hannibla34\Downloads\wie-liest-man-ein-bezirksregionenprofil.pdf
2016-10-01 00:37 - 2016-10-01 00:37 - 00001219 _____ C:\Users\Public\Desktop\LibreOffice 5.2.lnk
2016-10-01 00:37 - 2016-10-01 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.2
2016-09-30 22:48 - 2016-09-30 22:48 - 00108236 _____ C:\Users\hannibla34\Downloads\Nutzungsvereinbarung+Postfach(1).pdf
2016-09-30 22:46 - 2016-10-23 10:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-30 22:46 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 22:46 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 22:46 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 22:46 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 22:46 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 22:46 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 22:46 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 22:46 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 22:46 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 22:46 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 22:46 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 22:46 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 22:46 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 22:46 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 22:46 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 22:46 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 22:46 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 22:46 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 22:46 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 22:46 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 22:46 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 22:46 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 22:46 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 22:46 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 22:46 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 22:46 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 22:46 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 22:46 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 22:46 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 22:46 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 22:46 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 22:46 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 22:46 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 22:46 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 22:46 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 22:46 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 22:46 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 22:46 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 22:46 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 22:46 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 22:46 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 22:46 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 22:46 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 22:46 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 22:46 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 22:46 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 22:46 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 22:46 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 22:46 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 22:46 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 22:46 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 22:46 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 22:46 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 22:46 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 22:46 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 22:46 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 22:46 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 22:46 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 22:46 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
         

29.10.2016, 16:21   #10
krautsand
 
Code:
2016-09-30 22:46 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 22:46 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 22:46 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 22:46 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 22:46 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 22:46 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 22:46 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 22:46 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 22:46 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 22:46 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 22:46 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 22:46 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 22:46 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 22:46 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 22:46 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 22:46 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 22:46 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 22:46 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 22:46 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 22:46 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 22:46 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 22:46 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 22:45 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 22:45 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 22:45 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 22:45 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 22:45 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 22:45 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 22:45 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 22:45 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 22:45 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 22:45 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 22:45 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 22:45 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 22:45 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 22:45 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 22:45 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 22:45 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 22:45 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 22:45 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 22:45 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 22:45 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 22:45 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 22:45 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 22:45 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 22:45 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 22:45 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 22:45 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 22:45 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 22:45 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 22:45 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 22:45 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 22:45 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 22:45 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 22:45 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 22:45 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 22:45 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 22:45 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 22:45 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 22:45 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 22:45 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 22:45 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 22:45 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 22:45 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 22:45 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 22:45 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 22:45 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 22:45 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 22:45 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 22:45 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 22:45 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 22:45 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 22:45 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 22:45 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 22:45 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 22:45 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 22:45 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 22:45 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 22:45 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 22:45 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 22:45 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 22:45 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 22:45 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 22:45 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 22:45 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 22:45 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 22:45 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 22:45 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 22:45 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 22:45 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 22:45 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 22:45 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 22:45 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 22:45 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 22:45 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 22:45 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 22:45 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 22:45 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 22:45 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 22:45 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 22:45 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 22:45 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 22:45 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 22:45 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 22:45 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 22:45 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 22:45 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 22:45 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 22:45 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 22:45 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 22:45 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 22:45 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 22:45 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 22:45 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 22:45 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 22:45 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 22:45 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 22:45 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 22:45 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 22:45 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 22:45 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 22:45 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 22:45 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 22:45 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-30 22:45 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 22:43 - 2016-09-30 22:43 - 00108236 _____ C:\Users\hannibla34\Downloads\Nutzungsvereinbarung+Postfach.pdf
2016-09-30 22:23 - 2016-09-30 22:23 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 17:02 - 2016-09-03 20:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-29 17:02 - 2016-09-03 20:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-29 17:01 - 2016-07-16 08:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI
2016-10-29 15:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-10-29 12:54 - 2016-09-03 20:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-29 11:27 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-29 11:13 - 2016-09-03 20:35 - 00319059 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2016-10-29 11:13 - 2016-09-03 20:35 - 00006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2016-10-29 11:13 - 2016-09-03 20:35 - 00002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2016-10-29 11:13 - 2016-09-03 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-10-29 11:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-29 11:13 - 2014-12-11 15:15 - 05322248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-10-29 11:13 - 2014-12-11 15:15 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-10-29 11:11 - 2016-09-04 06:24 - 00750836 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-29 11:11 - 2016-09-04 06:24 - 00172128 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-29 11:11 - 2016-06-11 13:27 - 02007346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-29 11:10 - 2016-09-04 15:17 - 00020632 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\AmUStor2.dll
2016-10-29 11:10 - 2013-08-15 17:29 - 00090264 _____ (Alcor Micro, Corp.) C:\WINDOWS\system32\Drivers\AmUStor.sys
2016-10-29 11:06 - 2016-04-27 08:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-29 11:04 - 2014-11-24 20:26 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-10-29 11:03 - 2016-09-03 20:32 - 00350896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-29 00:21 - 2016-07-16 13:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-29 00:21 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-29 00:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-29 00:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-29 00:21 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-29 00:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-29 00:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-29 00:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-28 20:41 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-25 01:30 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-25 01:30 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-23 10:48 - 2014-11-28 17:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 23:16 - 2014-11-08 16:23 - 00036654 _____ C:\Users\hannibla34\Documents\Malware.odt
2016-10-22 20:07 - 2016-07-05 15:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-22 20:07 - 2016-07-05 15:02 - 00000000 ____D C:\Users\hannibla34\Desktop\mbar
2016-10-22 19:22 - 2015-01-24 18:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-22 19:22 - 2015-01-24 18:06 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-22 19:20 - 2016-06-27 17:17 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-22 19:20 - 2014-10-22 18:25 - 00000000 ____D C:\ProgramData\Oracle
2016-10-22 17:10 - 2016-09-04 15:16 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\IObit
2016-10-22 17:10 - 2016-09-04 15:16 - 00000000 ____D C:\Program Files (x86)\IObit
2016-10-22 17:10 - 2014-05-17 08:21 - 00000000 ____D C:\ProgramData\IObit
2016-10-22 16:57 - 2014-11-25 18:42 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-10-22 15:40 - 2016-09-03 20:49 - 00002064 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-10-21 16:16 - 2015-03-08 16:27 - 00000000 ____D C:\Users\hannibla34\Downloads\Diverse Scans
2016-10-21 00:34 - 2014-05-16 05:10 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\vlc
2016-10-20 11:39 - 2014-11-30 01:14 - 00000000 ____D C:\ProgramData\Sirrix AG
2016-10-20 11:39 - 2014-11-30 01:14 - 00000000 ____D C:\Program Files (x86)\Sirrix AG
2016-10-20 11:32 - 2014-05-14 22:38 - 00000000 ____D C:\Users\hannibla34\AppData\Local\Packages
2016-10-18 22:34 - 2015-11-06 23:51 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-10-18 22:34 - 2014-05-19 01:17 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-16 21:06 - 2014-05-16 04:59 - 00000000 ___RD C:\Users\hannibla34\Documents\Eigene Dateien
2016-10-16 16:04 - 2016-09-03 20:49 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-16 16:04 - 2015-11-06 23:38 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-15 15:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-13 23:44 - 2014-11-10 17:30 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Everything
2016-10-13 23:27 - 2014-11-10 17:30 - 00000000 ____D C:\Program Files\Everything
2016-10-13 13:54 - 2016-09-03 18:48 - 00293352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-10-13 13:50 - 2014-06-09 15:30 - 00000000 ____D C:\AdwCleaner
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 15:06 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 13:07 - 2014-05-15 02:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 12:57 - 2014-05-15 02:57 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-12 11:59 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-12 11:59 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 11:17 - 2016-09-02 21:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-10 21:41 - 2016-03-28 22:01 - 00202848 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-10-03 16:10 - 2014-05-19 04:05 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\TV-Browser
2016-10-03 00:18 - 2015-03-25 14:51 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-10-03 00:17 - 2015-03-25 14:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-10-03 00:14 - 2016-09-03 20:35 - 00000000 ____D C:\ProgramData\Samsung
2016-10-03 00:10 - 2015-03-24 20:30 - 00000000 ____D C:\Users\hannibla34\AppData\Roaming\Samsung
2016-10-02 14:30 - 2016-09-03 20:39 - 00000000 ____D C:\Users\hannibla34
2016-10-02 14:28 - 2016-09-03 20:59 - 00002890 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-01 22:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-01 22:32 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-01 18:56 - 2015-11-06 23:38 - 00002131 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-10-01 00:37 - 2016-05-15 00:36 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2016-09-30 22:27 - 2016-09-03 18:48 - 00513632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-09-30 22:23 - 2016-09-03 20:49 - 00003994 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1472921408

==================== Files in the root of some directories =======

2014-06-19 14:54 - 2014-06-19 14:54 - 0000024 _____ () C:\Users\hannibla34\AppData\Roaming\temp.ini
2016-09-03 20:35 - 2016-09-03 20:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-10-28 21:42

==================== End of FRST.txt ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2016
Ran by hannibla34 (29-10-2016 17:07:52)
Running from C:\Users\hannibla34\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-03 18:55:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-903397656-3433550281-814490945-500 - Administrator - Disabled)
BitBox (S-1-5-21-903397656-3433550281-814490945-1006 - Limited - Enabled)
DefaultAccount (S-1-5-21-903397656-3433550281-814490945-503 - Limited - Disabled)
Guest (S-1-5-21-903397656-3433550281-814490945-501 - Limited - Disabled)
hannibla34 (S-1-5-21-903397656-3433550281-814490945-1002 - Administrator - Enabled) => C:\Users\hannibla34
HomeGroupUser$ (S-1-5-21-903397656-3433550281-814490945-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (Version: 2.1.28.3 - Intel) Hidden
. . . (x32 Version: 2.6.1.4 - Intel) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.15.6362.54439 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.15.6362.54439 - Alcor Micro Corp.) Hidden
Ansel (Version: 372.70 - NVIDIA Corporation) Hidden
Atomuhr (HKLM-x32\...\{F5CEAB8C-19F8-4A29-9977-FED8D5DE6D31}) (Version: 1.0.1 - A. Weintrub)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 7.0.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Elegant-Treiber Paket (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09.02.2015) - Samsung Electronics Co., Ltd.)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.4.530 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.11.55 - Huawei Technologies Co.,Ltd)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LibreOffice 5.2 Help Pack (German) (HKLM-x32\...\{C7DC16A3-8C61-434B-978E-8428AB3D8841}) (Version: 5.2.2.2 - The Document Foundation)
LibreOffice 5.2.2.2 (HKLM-x32\...\{69751441-D5E0-4668-893F-CB797B082D09}) (Version: 5.2.2.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version:  - )
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 de)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MyMicroBalance (HKLM-x32\...\{4B393BCF-3540-4B42-92BA-50E795066E9E}) (Version: 1.0.8 - G4BI)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 372.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.70 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Öko-Treiber Pack (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.06.00 (05.02.2015) - Samsung Electronics Co., Ltd.)
Power8 (HKLM-x32\...\{AEE2067B-73CC-4322-AF5A-1DA86E448E26}) (Version: 1.4.4.628 - Power8 team)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RadiAnt DICOM Viewer (64-bit) (HKLM-x32\...\RadiAnt64) (Version: 1.9.14.7431 - Medixant)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7936 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Drucker-Diagnose (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.7.04 - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.01.05 (11.02.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.65 - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.01.28 (04.02.2015) - Samsung Electronics Co., Ltd.)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.21 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.05.07 (20.07.2012) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung SCX-472x Series (HKLM-x32\...\Samsung SCX-472x Series) (Version:  - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 3.31.79:03 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TV-Browser 3.4.3 (HKLM-x32\...\tvbrowser) (Version: 3.4.3 - TV-Browser Team)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.8 - Samsung Electronics CO., LTD.)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.807 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
WISO steuer:Sparbuch 2016 (HKLM-x32\...\{F6B7AD1A-FC00-424A-AB50-EA4E5FBC432E}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\{AF2519A0-3640-41DB-BF30-DB6C108A99C9}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2015 (HKLM-x32\...\{F0A14325-834A-4ADD-BAFA-B5DF0F64030A}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-903397656-3433550281-814490945-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A066C6B-000F-4A65-AB9B-6940BFDD45EE} - \WPD\SqmUpload_S-1-5-21-903397656-3433550281-814490945-1002 -> No File <==== ATTENTION
Task: {11A106BC-5E5D-4789-BBAB-CD159B4C10B6} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
Task: {1453CCEC-DBF6-4839-B77F-B64E654D8D4C} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\Scheduler.exe [2016-09-20] (IObit)
Task: {2279742C-DC1B-4896-BD98-53B439276585} - System32\Tasks\Driver Booster SkipUAC (hannibla34) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe [2016-10-09] (IObit)
Task: {297DAC8B-1DB2-4C0B-BA90-C616C1838BBC} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {2C4B8AC4-41CD-4956-9654-ECD4767FAFCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-29] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D794281-38B0-461B-82BA-E2A1CD5DE3B5} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe
Task: {5A2A982A-166B-49F7-A113-8BF12659A15C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {5A76CF45-2D4E-4A09-B384-281D30AD08DC} - System32\Tasks\SafeZone scheduled Autoupdate 1472921408 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {61C7433A-6719-492E-ABC8-F1CCA2F5124A} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-03] (Microsoft Corporation)
Task: {67BCD63F-C426-48B9-AB83-F4958604E0A3} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {682ED690-9AA9-4011-8360-8CD47E349B7E} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe
Task: {7573CD68-1982-4AFA-A8EC-18CF7A97813B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {96F795F7-8D05-4776-AC3A-E3ABEE04EAA3} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {A33C8CF8-61C4-411D-A666-FBD2C121882D} - System32\Tasks\{74D991CE-FE24-45B1-8499-0E6137032053} => pcalua.exe -a I:\PCgo.exe -d I:\
Task: {A9F02C50-0AFA-4774-B298-FC5361AB621B} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {B2029956-DCB4-4CE2-AC14-D8BA7ACD36D9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-03] (AVAST Software)
Task: {BDF00A52-C0D9-45F9-8834-8BF0B6D40019} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {CF263EF5-FD80-4F25-829D-36AA646DD609} - System32\Tasks\SafeZone scheduled Autoupdate 1462468405 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {DC525F3D-6C6F-4FA6-B0F0-3E27BE7AD911} - System32\Tasks\SafeZone scheduled Autoupdate 1446846246 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {EB67DF33-164F-4629-AC42-B12D81FA3FD8} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-03-08] ()
Task: {F000F819-307A-4023-B2F2-518FC8F572A8} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-03 20:35 - 2016-08-25 23:12 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-25 14:50 - 2011-05-11 09:38 - 00034304 _____ () C:\WINDOWS\System32\ssa3mlm.dll
2015-02-20 09:01 - 2015-02-20 09:01 - 00022528 _____ () C:\WINDOWS\System32\us001lm.dll
2016-09-04 15:21 - 2016-09-04 15:21 - 00022528 _____ () C:\WINDOWS\System32\us003lm.dll
2015-03-18 00:16 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2016-10-03 00:10 - 2015-03-12 04:43 - 00022528 _____ () C:\WINDOWS\System32\ux003lm.dll
2014-01-15 05:42 - 2014-01-15 05:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2016-09-02 22:25 - 2016-08-26 01:27 - 00367552 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-10-03 00:15 - 2016-08-17 13:43 - 00499000 ____N () C:\WINDOWS\SysWoW64\spdsvc.exe
2016-10-03 00:10 - 2016-10-03 00:10 - 00143664 ____N () C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2015-07-13 14:25 - 2014-04-26 08:15 - 00682064 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2016-09-02 22:25 - 2016-08-26 01:27 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-09-30 22:46 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-03 20:58 - 2016-09-03 20:58 - 01864384 _____ () C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-16 21:01 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-12 12:14 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-28 21:02 - 2016-10-15 05:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-28 21:02 - 2016-10-15 05:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-28 21:02 - 2016-10-15 05:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-06 14:37 - 2014-12-05 16:32 - 00420352 _____ () C:\WINDOWS\system32\SaMinDrv.dll
2014-07-25 06:36 - 2014-09-18 07:08 - 00087552 ____N () C:\WINDOWS\system32\ssdevm64.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-29 11:04 - 2016-10-29 11:04 - 03125136 _____ () C:\Program Files\AVAST Software\Avast\defs\16102900\algo.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-03 00:17 - 2015-01-24 12:22 - 03029504 ____N () C:\WINDOWS\system32\DlgSearchEngine.dll
2015-07-13 14:25 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-07-13 14:25 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-07-13 14:25 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-07-13 14:25 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2016-09-02 22:25 - 2016-08-26 01:27 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-03 18:48 - 2016-09-03 18:48 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-01-14 23:41 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-903397656-3433550281-814490945-1002\Control Panel\Desktop\\Wallpaper -> M:\Eigene Bilder\Erinnerungsbilder\Erfurt\Erfurt,Zitadelle_Petersberg_Blick auf den Dom 12 10 2005.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 1) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Virtual Router Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Samsung Network PC Fax.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\StartupFolder: => "Mediencenter.lnk"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Advanced SystemCare 7"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-903397656-3433550281-814490945-1002\...\StartupApproved\Run: => "STUISpeedLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2BD4D7B5-DD63-4BC7-9384-C72F89C0FAE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB8C9A5-61DD-41DB-884A-A29DEAAB110E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F3B173FD-48B9-4C88-8DA4-C0412B157101}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F8D91D5E-440A-4E2C-B587-4CC89B00C677}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{85D04301-5F0D-424A-B051-E6E6CF4B1CBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4AC1FB1D-7F9B-4C69-8402-4ECBA01930EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5EDF4ED2-3246-45B2-B324-A9488D8605D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{53A1FC65-895D-45F8-B707-AC83F4B18967}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{EC5639B7-2D30-4A6A-BB83-7744B9B18B7F}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{1ED2484A-115E-4946-981A-C7D037D1DDB8}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{1652476E-D0C9-455E-9E33-A60BFA10A4D6}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{02F04B9A-39AF-4BEF-A26C-CEF32CB3B375}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{93FEABAA-39E9-4487-9F9D-6A14A93D31CE}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{5069CF40-BA57-4F69-A55F-319E45BB68F8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{249028FF-C75C-4570-B25F-99840B60C0E6}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{7C97C9DD-51EE-4325-B34B-48EB52E379BC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E74E2DF-29F9-4BB9-9D1E-39815BE93D90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BDD97E84-B3F2-4AC2-A965-5A57EB526806}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{48A74F90-3968-4D51-AD6C-2D4F95BDAE31}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6DBFFF39-151E-4B34-9907-0EA233AF3ADD}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe
FirewallRules: [{B008319C-E487-4D78-8821-13F71D9998C0}] => (Allow) C:\Windows\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe
FirewallRules: [{A9208BC0-AA6E-4909-B2B4-D434439C7EA9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{0F9FA671-1DC0-45EB-819E-528AB89430A2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7D2466FB-46A8-4D2E-BD79-08317AF67F81}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{4BFC0FE8-ED6E-45C0-9F24-18BF503196F8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{A07D1881-6060-43AA-AC30-F95C686B9CC9}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{95E7027C-EC3B-49D0-AC3A-872CDA002A07}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{66B3817A-E1D3-4CFB-B9E4-DA4B0A2340B9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{82327C54-E27D-46CF-9FE1-6EAA21918F27}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{D2DE1A0F-D57F-4EFE-B1F1-8A71F859BB7D}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{987A45CE-06E7-415A-939F-1D42AA1F993F}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{4DF55BA5-C96C-4506-93DE-09A2D5B72BB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56D60ED2-CA60-461A-B78E-702F1F4745A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82BC4EB4-4B38-4E8A-B5B3-B5616F5DB75C}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{0E93B86F-46D9-4C8D-89A6-3060A3399F0D}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser.exe
FirewallRules: [{5F0D6BD9-6BAD-4421-A9A3-9646613631E2}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{FC2E148E-CBEA-4A14-BBB0-01E73798FFE2}] => (Allow) C:\Program Files (x86)\TV-Browser\tvbrowser_noDD.exe
FirewallRules: [{5C198E3B-3A0D-4A5F-907D-A198FA71E845}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{8746A8A2-7EBB-4B60-A501-8FF18AC09EED}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe
FirewallRules: [{60FFA804-EB35-4F02-BBF3-2651469ED108}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe
FirewallRules: [{5F60920A-5815-4CC6-9727-E827F2AADB4C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe
FirewallRules: [{F59D476F-7007-40B9-8C2E-A58D28386280}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{06763CB0-041C-4042-9A8A-B679B952A5AA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{D2BB22C8-8490-4E8B-BBA7-AA1637ACBBF6}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe
FirewallRules: [{605FB5CF-67AC-47E0-9BD1-AB8554A65967}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe
FirewallRules: [{74DD5E0B-6F8E-4C36-BAA7-DEB24E7191C8}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe
FirewallRules: [{A51167BD-9A93-4A08-ABBC-0A03B019C7B5}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{F5CB9172-4B3F-4D14-B043-764CB83A7B80}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{13DF45BD-9916-46BE-91A5-47936BEB8D57}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{A6D5CD38-58F5-4C76-99A3-FBDBCB55AE25}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{0D20E601-268F-4BC7-AC2F-61C930A60F23}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{5247658C-ED72-4282-B471-A4C5720D7AE3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{EE6DCB97-CD2B-4456-B5C7-D1A4968BB984}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A0F4E40E-E062-4F6D-A3DB-E24675A7F249}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{A87196E9-0F75-4613-88E1-90D4CA93EB9C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{A1A08825-F6C3-4A46-B445-6E37ED5D8E79}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
FirewallRules: [{90E160A7-B178-4760-A676-A8BE85BC2B6B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{C1CFDCBD-D253-49EA-B4C6-F41AB42C9189}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DBDownloader.exe
FirewallRules: [{7CF87A20-5252-4E56-B105-6579047CC535}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe
FirewallRules: [{BED1C8EA-F20F-4855-A7A6-0BCD5F789336}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AutoUpdate.exe

==================== Restore Points =========================

28-10-2016 21:42:43 Windows Update
29-10-2016 11:09:33 Driver Booster : Alcor Micro USB 2.0 Card Reader

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2016 03:43:40 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-903397656-3433550281-814490945-1002}/">.

Error: (10/29/2016 01:08:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.351, Zeitstempel: 0x5801a332
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003061d
ID des fehlerhaften Prozesses: 0x1ac8
Startzeit der fehlerhaften Anwendung: 0x01d231d4b5ff50a3
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f90dab18-8e63-4123-be02-5ee5f37dace1
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/29/2016 12:53:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-903397656-3433550281-814490945-1002}/">.

Error: (10/29/2016 11:27:32 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-903397656-3433550281-814490945-1002}/">.

Error: (10/29/2016 11:09:48 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/29/2016 12:16:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (2796) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (10/29/2016 12:16:50 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (2796) testing: Der Versuch, die Datei "C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/28/2016 09:43:57 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/28/2016 09:43:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (10/23/2016 03:02:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (5536) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\hannibla34\AppData\Local\Microsoft\Windows\WebCache\V01.log.


System errors:
=============
Error: (10/29/2016 05:04:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/29/2016 05:04:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst gupdate erreicht.

Error: (10/29/2016 05:04:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/29/2016 05:02:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/29/2016 05:02:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/29/2016 05:02:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (10/29/2016 04:57:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/29/2016 01:07:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Connected Devices Platform Service" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (10/29/2016 11:06:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/29/2016 11:06:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst gupdate erreicht.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8131.29 MB
Available physical RAM: 5999.21 MB
Total Virtual: 9411.29 MB
Available Virtual: 7124.54 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:150 GB) (Free:37.77 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.71 GB) (Free:739.5 GB) NTFS
Drive i: (DVD1) (CDROM) (Total:4.06 GB) (Free:0 GB) UDF
Drive m: (SAMSUNG) (Fixed) (Total:596.02 GB) (Free:179.35 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 74A7F63F)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: F4CF956B)
Partition 1: (Active) - (Size=596.2 GB) - (Type=0C)

==================== End of Addition.txt ============================
         

Alt 30.10.2016, 13:29   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
TDSS-Killer Log?
__________________
Regards
deeprybka

„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 30.10.2016, 18:07   #12
krautsand
 
Sorry

Code:
20:54:36.0782 0x11b4  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
20:54:36.0782 0x11b4  UEFI system
20:54:41.0261 0x11b4  ============================================================
20:54:41.0261 0x11b4  Current date / time: 2016/10/28 20:54:41.0261
20:54:41.0261 0x11b4  SystemInfo:
20:54:41.0261 0x11b4  
20:54:41.0261 0x11b4  OS Version: 10.0.14393 ServicePack: 0.0
20:54:41.0261 0x11b4  Product type: Workstation
20:54:41.0261 0x11b4  ComputerName: WO
20:54:41.0262 0x11b4  UserName: hannibla34
20:54:41.0262 0x11b4  Windows directory: C:\WINDOWS
20:54:41.0262 0x11b4  System windows directory: C:\WINDOWS
20:54:41.0262 0x11b4  Running under WOW64
20:54:41.0262 0x11b4  Processor architecture: Intel x64
20:54:41.0262 0x11b4  Number of processors: 8
20:54:41.0262 0x11b4  Page size: 0x1000
20:54:41.0262 0x11b4  Boot type: Normal boot
20:54:41.0262 0x11b4  CodeIntegrityOptions = 0x00000001
20:54:41.0262 0x11b4  ============================================================
20:54:41.0689 0x11b4  KLMD registered as C:\WINDOWS\system32\drivers\79873187.sys
20:54:41.0689 0x11b4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.321, osProperties = 0x19
20:54:41.0916 0x11b4  System UUID: {3F8E22D3-6932-8A58-EF4E-56EC65BDDB2D}
20:54:42.0390 0x11b4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:54:42.0395 0x11b4  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:54:47.0568 0x11b4  ============================================================
20:54:47.0568 0x11b4  \Device\Harddisk0\DR0:
20:54:47.0568 0x11b4  GPT partitions:
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A87557AB-C51B-4C81-A8FC-3238F1BE4911}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x190000
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {442E0D00-58E8-4B54-BEC3-3295F0F195A3}, Name: EFI system partition, StartLBA 0x190800, BlocksNum 0x82000
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4B05466C-2242-4D97-AAC9-A12E5E0953B1}, Name: Microsoft reserved partition, StartLBA 0x212800, BlocksNum 0x40000
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {854EB602-EB6C-4F29-8747-355D62CA0D02}, Name: Basic data partition, StartLBA 0x252800, BlocksNum 0x12C00000
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3E25A1E3-9C34-4CFB-866B-31769D6D5425}, Name: Basic data partition, StartLBA 0x12E52800, BlocksNum 0x5F96D800
20:54:47.0599 0x11b4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6A62A54D-E3A4-441B-8B72-187100569643}, Name: Basic data partition, StartLBA 0x727C0000, BlocksNum 0x1F46800
20:54:47.0599 0x11b4  MBR partitions:
20:54:47.0599 0x11b4  \Device\Harddisk1\DR1:
20:54:47.0600 0x11b4  MBR partitions:
20:54:47.0600 0x11b4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x4A856E81
20:54:47.0600 0x11b4  ============================================================
20:54:47.0614 0x11b4  C: <-> \Device\Harddisk0\DR0\Partition4
20:54:47.0635 0x11b4  D: <-> \Device\Harddisk0\DR0\Partition5
20:54:47.0636 0x11b4  M: <-> \Device\Harddisk1\DR1\Partition1
20:54:47.0636 0x11b4  ============================================================
20:54:47.0636 0x11b4  Initialize success
20:54:47.0636 0x11b4  ============================================================
20:54:50.0979 0x1700  ============================================================
20:54:50.0979 0x1700  Scan started
20:54:50.0979 0x1700  Mode: Manual; 
20:54:50.0979 0x1700  ============================================================
20:54:50.0979 0x1700  KSN ping started
20:54:51.0077 0x1700  KSN ping finished: true
20:54:54.0872 0x1700  ================ Scan system memory ========================
20:54:54.0872 0x1700  System memory - ok
20:54:54.0872 0x1700  ================ Scan services =============================
20:54:55.0014 0x1700  1394ohci - ok
20:54:55.0019 0x1700  3ware - ok
20:54:55.0035 0x1700  ACPI - ok
20:54:55.0048 0x1700  AcpiDev - ok
20:54:55.0052 0x1700  acpiex - ok
20:54:55.0057 0x1700  acpipagr - ok
20:54:55.0083 0x1700  AcpiPmi - ok
20:54:55.0088 0x1700  acpitime - ok
20:54:55.0138 0x1700  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:54:55.0141 0x1700  AdobeARMservice - ok
20:54:55.0280 0x1700  [ 1E30AB3A4D3EB916FF6C1B71B9F2331A, 4D1D703CD16FAE5096A8897DDC69C925FA3BFF1F45E1EA55898BF251AF0D3E9A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:54:55.0289 0x1700  AdobeFlashPlayerUpdateSvc - ok
20:54:55.0297 0x1700  ADP80XX - ok
20:54:55.0301 0x1700  AFD - ok
20:54:55.0305 0x1700  ahcache - ok
20:54:55.0352 0x1700  [ 2C37AD878725987DF1A31B3899CB7FD7, B9161DCD5374FA546C4E1D5FBD69788028BC60BA84E67DE7F49B0B7CDD12B097 ] AiChargerDT     C:\WINDOWS\syswow64\drivers\AiChargerDT.sys
20:54:55.0352 0x1700  AiChargerDT - ok
20:54:55.0365 0x1700  AJRouter - ok
20:54:55.0374 0x1700  ALG - ok
20:54:55.0377 0x1700  AmdK8 - ok
20:54:55.0379 0x1700  AmdPPM - ok
20:54:55.0383 0x1700  amdsata - ok
20:54:55.0385 0x1700  amdsbs - ok
20:54:55.0389 0x1700  amdxata - ok
20:54:55.0424 0x1700  [ 2031B877E46AEB934E1434BB52EB3700, EC072DED1D1F727AD89C5AA8062933AF6C1265B1C0D2F43D82574A90D9A907AA ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
20:54:55.0426 0x1700  AmUStor - ok
20:54:55.0429 0x1700  AppID - ok
20:54:55.0432 0x1700  AppIDSvc - ok
20:54:55.0445 0x1700  Appinfo - ok
20:54:55.0460 0x1700  applockerfltr - ok
20:54:55.0481 0x1700  AppReadiness - ok
20:54:55.0510 0x1700  AppXSvc - ok
20:54:55.0512 0x1700  arcsas - ok
20:54:55.0536 0x1700  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
20:54:55.0537 0x1700  AsIO - ok
20:54:55.0560 0x1700  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\WINDOWS\syswow64\drivers\AsUpIO.sys
20:54:55.0561 0x1700  AsUpIO - ok
20:54:55.0587 0x1700  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
20:54:55.0588 0x1700  aswHwid - ok
20:54:55.0598 0x1700  [ 06362BBA1347CBA0996F4B39BB1D8353, 0C6B7B085F13FB7C71E2AF481CD216C6ACB63577DC7E2793182F734378C141DA ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
20:54:55.0599 0x1700  aswKbd - ok
20:54:55.0623 0x1700  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
20:54:55.0625 0x1700  aswMonFlt - ok
20:54:55.0643 0x1700  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
20:54:55.0645 0x1700  aswRdr - ok
20:54:55.0658 0x1700  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
20:54:55.0663 0x1700  aswRvrt - ok
20:54:55.0726 0x1700  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
20:54:55.0741 0x1700  aswSnx - ok
20:54:55.0769 0x1700  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
20:54:55.0775 0x1700  aswSP - ok
20:54:55.0788 0x1700  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
20:54:55.0795 0x1700  aswStm - ok
20:54:55.0816 0x1700  [ E4ABC023E251D2BB6B98C9FCAF5CF16D, 2A94320A3EF16E641B693BF6EABABB57C891B914B00F73ACD7ADB8CA5089EC40 ] aswTap          C:\WINDOWS\System32\drivers\aswTap.sys
20:54:55.0818 0x1700  aswTap - ok
20:54:55.0859 0x1700  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
20:54:55.0880 0x1700  aswVmm - ok
20:54:55.0884 0x1700  AsyncMac - ok
20:54:55.0907 0x1700  atapi - ok
20:54:55.0931 0x1700  AudioEndpointBuilder - ok
20:54:55.0960 0x1700  Audiosrv - ok
20:54:56.0018 0x1700  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:54:56.0023 0x1700  avast! Antivirus - ok
20:54:56.0062 0x1700  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
20:54:56.0066 0x1700  avgntflt - ok
20:54:56.0080 0x1700  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
20:54:56.0084 0x1700  avipbb - ok
20:54:56.0099 0x1700  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
20:54:56.0101 0x1700  avkmgr - ok
20:54:56.0106 0x1700  AxInstSV - ok
20:54:56.0109 0x1700  b06bdrv - ok
20:54:56.0114 0x1700  BasicDisplay - ok
20:54:56.0119 0x1700  BasicRender - ok
20:54:56.0124 0x1700  bcmfn - ok
20:54:56.0127 0x1700  bcmfn2 - ok
20:54:56.0146 0x1700  BDESVC - ok
20:54:56.0148 0x1700  Beep - ok
20:54:56.0158 0x1700  BFE - ok
20:54:56.0172 0x1700  BITS - ok
20:54:56.0174 0x1700  bowser - ok
20:54:56.0182 0x1700  BrokerInfrastructure - ok
20:54:56.0184 0x1700  Browser - ok
20:54:56.0187 0x1700  BthAvrcpTg - ok
20:54:56.0189 0x1700  BthHFEnum - ok
20:54:56.0191 0x1700  bthhfhid - ok
20:54:56.0193 0x1700  BthHFSrv - ok
20:54:56.0195 0x1700  BTHMODEM - ok
20:54:56.0198 0x1700  bthserv - ok
20:54:56.0226 0x1700  buttonconverter - ok
20:54:56.0228 0x1700  CapImg - ok
20:54:56.0229 0x1700  cdfs - ok
20:54:56.0244 0x1700  CDPSvc - ok
20:54:56.0247 0x1700  CDPUserSvc - ok
20:54:56.0284 0x1700  cdrom - ok
20:54:56.0286 0x1700  CertPropSvc - ok
20:54:56.0288 0x1700  cht4iscsi - ok
20:54:56.0289 0x1700  cht4vbd - ok
20:54:56.0291 0x1700  circlass - ok
20:54:56.0293 0x1700  CLFS - ok
20:54:56.0294 0x1700  ClipSVC - ok
20:54:56.0297 0x1700  clreg - ok
20:54:56.0304 0x1700  CmBatt - ok
20:54:56.0329 0x1700  CNG - ok
20:54:56.0332 0x1700  cnghwassist - ok
20:54:56.0371 0x1700  CompositeBus - ok
20:54:56.0374 0x1700  COMSysApp - ok
20:54:56.0375 0x1700  condrv - ok
20:54:56.0398 0x1700  CoreMessagingRegistrar - ok
20:54:56.0403 0x1700  CryptSvc - ok
20:54:56.0411 0x1700  dam - ok
20:54:56.0424 0x1700  DcomLaunch - ok
20:54:56.0426 0x1700  DcpSvc - ok
20:54:56.0428 0x1700  defragsvc - ok
20:54:56.0440 0x1700  DeviceAssociationService - ok
20:54:56.0442 0x1700  DeviceInstall - ok
20:54:56.0453 0x1700  DevQueryBroker - ok
20:54:56.0462 0x1700  Dfsc - ok
20:54:56.0487 0x1700  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:54:56.0489 0x1700  dg_ssudbus - ok
20:54:56.0503 0x1700  Dhcp - ok
20:54:56.0552 0x1700  diagnosticshub.standardcollector.service - ok
20:54:56.0556 0x1700  DiagTrack - ok
20:54:56.0559 0x1700  disk - ok
20:54:56.0571 0x1700  DmEnrollmentSvc - ok
20:54:56.0573 0x1700  dmvsc - ok
20:54:56.0588 0x1700  dmwappushservice - ok
20:54:56.0597 0x1700  Dnscache - ok
20:54:56.0601 0x1700  dot3svc - ok
20:54:56.0604 0x1700  DPS - ok
20:54:56.0614 0x1700  drmkaud - ok
20:54:56.0628 0x1700  DsmSvc - ok
20:54:56.0629 0x1700  DsSvc - ok
20:54:56.0639 0x1700  DXGKrnl - ok
20:54:56.0656 0x1700  [ 160044DF3554871C42F25DA6EC9017F2, 2E135BB1922C033FBA389635EAEC84E698736096FE93438EF005CD5DD23F7793 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
20:54:56.0663 0x1700  e1dexpress - ok
20:54:56.0676 0x1700  e1iexpress - ok
20:54:56.0688 0x1700  EapHost - ok
20:54:56.0690 0x1700  ebdrv - ok
20:54:56.0711 0x1700  EFS - ok
20:54:56.0713 0x1700  EhStorClass - ok
20:54:56.0740 0x1700  EhStorTcgDrv - ok
20:54:56.0743 0x1700  embeddedmode - ok
20:54:56.0745 0x1700  EntAppSvc - ok
20:54:56.0747 0x1700  ErrDev - ok
20:54:56.0752 0x1700  EventSystem - ok
20:54:56.0754 0x1700  exfat - ok
20:54:56.0756 0x1700  fastfat - ok
20:54:56.0778 0x1700  Fax - ok
20:54:56.0779 0x1700  fdc - ok
20:54:56.0781 0x1700  fdPHost - ok
20:54:56.0784 0x1700  FDResPub - ok
20:54:56.0796 0x1700  fhsvc - ok
20:54:56.0797 0x1700  FileCrypt - ok
20:54:56.0800 0x1700  FileInfo - ok
20:54:56.0802 0x1700  Filetrace - ok
20:54:56.0804 0x1700  flpydisk - ok
20:54:56.0806 0x1700  FltMgr - ok
20:54:56.0822 0x1700  FontCache - ok
20:54:56.0860 0x1700  FontCache3.0.0.0 - ok
20:54:56.0863 0x1700  FrameServer - ok
20:54:56.0867 0x1700  FsDepends - ok
20:54:56.0870 0x1700  Fs_Rec - ok
20:54:56.0874 0x1700  fvevol - ok
20:54:56.0878 0x1700  gencounter - ok
20:54:56.0881 0x1700  genericusbfn - ok
20:54:56.0993 0x1700  [ F78BC07DCED5EDDD6D477E923620F8EA, ABE28155100A38A5E1B58FFC8099EF416145278B440A67B8DAFD7715FE412624 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:54:57.0045 0x1700  GfExperienceService - ok
20:54:57.0051 0x1700  GPIOClx0101 - ok
20:54:57.0064 0x1700  gpsvc - ok
20:54:57.0067 0x1700  GpuEnergyDrv - ok
20:54:57.0139 0x1700  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:54:57.0146 0x1700  gupdate - ok
20:54:57.0160 0x1700  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:54:57.0163 0x1700  gupdatem - ok
20:54:57.0169 0x1700  HDAudBus - ok
20:54:57.0173 0x1700  HidBatt - ok
20:54:57.0178 0x1700  HidBth - ok
20:54:57.0182 0x1700  hidi2c - ok
20:54:57.0187 0x1700  hidinterrupt - ok
20:54:57.0190 0x1700  HidIr - ok
20:54:57.0193 0x1700  hidserv - ok
20:54:57.0209 0x1700  HidUsb - ok
20:54:57.0211 0x1700  HomeGroupListener - ok
20:54:57.0226 0x1700  HomeGroupProvider - ok
20:54:57.0228 0x1700  HpSAMD - ok
20:54:57.0238 0x1700  HTTP - ok
20:54:57.0258 0x1700  [ 5004E766075BADA25608489A7C649698, 685D6F5B99C06EF091BB126CA3FEADCA3ED3C05DD78B6709AF04A1DD0A030BAE ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
20:54:57.0261 0x1700  huawei_cdcacm - ok
20:54:57.0281 0x1700  [ D49D4E7B70AD6B1D04771AC1F7DB79C7, 093D8343CF769FC805308ED357EEF30E3D78569B817A20FE9884863A1FDBC028 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
20:54:57.0283 0x1700  huawei_enumerator - ok
20:54:57.0302 0x1700  [ 25002C5DF71CF206569A408B3E0E523C, 49E0938FAFBA828D70DA183B96D2F52A2330A0E59510FC282821C3AD2A42EE46 ] huawei_wwanecm  C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys
20:54:57.0306 0x1700  huawei_wwanecm - ok
20:54:57.0309 0x1700  HvHost - ok
20:54:57.0334 0x1700  hvservice - ok
20:54:57.0381 0x1700  [ C08814014290BF3AD581C0E9C5919269, 9C16822AC6B8977AAEFDB54C2B4295546461DD888060B62223EF20151790C934 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
20:54:57.0387 0x1700  HWDeviceService64.exe - ok
20:54:57.0452 0x1700  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\WINDOWS\SysWoW64\drivers\HWiNFO64A.SYS
20:54:57.0453 0x1700  HWiNFO32 - ok
20:54:57.0456 0x1700  hwpolicy - ok
20:54:57.0458 0x1700  hyperkbd - ok
20:54:57.0470 0x1700  i8042prt - ok
20:54:57.0473 0x1700  iagpio - ok
20:54:57.0475 0x1700  iai2c - ok
20:54:57.0477 0x1700  iaLPSS2i_GPIO2 - ok
20:54:57.0480 0x1700  iaLPSS2i_I2C - ok
20:54:57.0482 0x1700  iaLPSSi_GPIO - ok
20:54:57.0487 0x1700  iaLPSSi_I2C - ok
20:54:57.0539 0x1700  [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
20:54:57.0557 0x1700  iaStorA - ok
20:54:57.0561 0x1700  iaStorAV - ok
20:54:57.0612 0x1700  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:54:57.0612 0x1700  IAStorDataMgrSvc - ok
20:54:57.0615 0x1700  iaStorV - ok
20:54:57.0617 0x1700  ibbus - ok
20:54:57.0628 0x1700  icssvc - ok
20:54:57.0630 0x1700  IKEEXT - ok
20:54:57.0632 0x1700  IndirectKmd - ok
20:54:57.0753 0x1700  [ C90987B09CF3873F6444D577050D19EB, 44E2C63C57581A0F71A32E0F65E820E8E67879C375DB5B8E91CFF0ED51877DED ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:54:57.0811 0x1700  IntcAzAudAddService - ok
20:54:57.0861 0x1700  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:54:57.0879 0x1700  Intel(R) Capability Licensing Service Interface - ok
20:54:57.0906 0x1700  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:54:57.0923 0x1700  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:54:57.0938 0x1700  [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
20:54:57.0944 0x1700  Intel(R) PROSet Monitoring Service - ok
20:54:57.0952 0x1700  intelide - ok
20:54:57.0954 0x1700  intelpep - ok
20:54:57.0956 0x1700  intelppm - ok
20:54:58.0025 0x1700  [ 477BE2027FB0E5F50A6CD424BFDB3BAA, B9311F9F9685D13FA83B1E168EB6D3555ABAA8C402B4C47EB2629BA6F11444E8 ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
20:54:58.0032 0x1700  Internet Manager. RunOuc - ok
20:54:58.0036 0x1700  iorate - ok
20:54:58.0038 0x1700  IpFilterDriver - ok
20:54:58.0069 0x1700  iphlpsvc - ok
20:54:58.0071 0x1700  IPMIDRV - ok
20:54:58.0072 0x1700  IPNAT - ok
20:54:58.0074 0x1700  irda - ok
20:54:58.0076 0x1700  IRENUM - ok
20:54:58.0078 0x1700  irmon - ok
20:54:58.0080 0x1700  isapnp - ok
20:54:58.0082 0x1700  iScsiPrt - ok
20:54:58.0102 0x1700  kbdclass - ok
20:54:58.0111 0x1700  kbdhid - ok
20:54:58.0127 0x1700  kdnic - ok
20:54:58.0154 0x1700  KeyIso - ok
20:54:58.0167 0x1700  KSecDD - ok
20:54:58.0176 0x1700  KSecPkg - ok
20:54:58.0178 0x1700  ksthunk - ok
20:54:58.0193 0x1700  KtmRm - ok
20:54:58.0199 0x1700  LanmanServer - ok
20:54:58.0201 0x1700  LanmanWorkstation - ok
20:54:58.0204 0x1700  lfsvc - ok
20:54:58.0206 0x1700  LicenseManager - ok
20:54:58.0208 0x1700  lltdio - ok
20:54:58.0210 0x1700  lltdsvc - ok
20:54:58.0213 0x1700  lmhosts - ok
20:54:58.0216 0x1700  LSI_SAS - ok
20:54:58.0219 0x1700  LSI_SAS2i - ok
20:54:58.0222 0x1700  LSI_SAS3i - ok
20:54:58.0250 0x1700  LSI_SSS - ok
20:54:58.0261 0x1700  LSM - ok
20:54:58.0263 0x1700  luafv - ok
20:54:58.0279 0x1700  MapsBroker - ok
20:54:58.0281 0x1700  megasas - ok
20:54:58.0301 0x1700  megasas2i - ok
20:54:58.0303 0x1700  megasr - ok
20:54:58.0324 0x1700  [ 1039E2C190060B1A51289B47493DA456, 96B67CD5341F6118063F1C318DDAC86089966E274FEB4EC46F934BBE98C01032 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
20:54:58.0327 0x1700  MEIx64 - ok
20:54:58.0347 0x1700  [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2       C:\Windows\system32\2284.tmp
20:54:58.0348 0x1700  MEMSWEEP2 - ok
20:54:58.0351 0x1700  MessagingService - ok
20:54:58.0354 0x1700  mlx4_bus - ok
20:54:58.0355 0x1700  MMCSS - ok
20:54:58.0357 0x1700  Modem - ok
20:54:58.0359 0x1700  monitor - ok
20:54:58.0361 0x1700  mouclass - ok
20:54:58.0363 0x1700  mouhid - ok
20:54:58.0365 0x1700  mountmgr - ok
20:54:58.0390 0x1700  [ 572BD5A99648652147A5D3C6DA946C99, FFDAD4A5682864977C926A5DDDB632CDB2A166BF025757801CC56F2828720023 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:54:58.0393 0x1700  MozillaMaintenance - ok
20:54:58.0395 0x1700  mpsdrv - ok
20:54:58.0397 0x1700  MpsSvc - ok
20:54:58.0407 0x1700  MRxDAV - ok
20:54:58.0409 0x1700  mrxsmb - ok
20:54:58.0411 0x1700  mrxsmb10 - ok
20:54:58.0419 0x1700  mrxsmb20 - ok
20:54:58.0421 0x1700  MsBridge - ok
20:54:58.0437 0x1700  MSDTC - ok
20:54:58.0441 0x1700  Msfs - ok
20:54:58.0443 0x1700  msgpiowin32 - ok
20:54:58.0445 0x1700  mshidkmdf - ok
20:54:58.0447 0x1700  mshidumdf - ok
20:54:58.0449 0x1700  msisadrv - ok
20:54:58.0471 0x1700  MSiSCSI - ok
20:54:58.0472 0x1700  msiserver - ok
20:54:58.0474 0x1700  MSKSSRV - ok
20:54:58.0476 0x1700  MsLldp - ok
20:54:58.0478 0x1700  MSPCLOCK - ok
20:54:58.0480 0x1700  MSPQM - ok
20:54:58.0482 0x1700  MsRPC - ok
20:54:58.0501 0x1700  mssmbios - ok
20:54:58.0503 0x1700  MSTEE - ok
20:54:58.0505 0x1700  MTConfig - ok
20:54:58.0506 0x1700  Mup - ok
20:54:58.0508 0x1700  mvumis - ok
20:54:58.0525 0x1700  NativeWifiP - ok
20:54:58.0526 0x1700  NcaSvc - ok
20:54:58.0538 0x1700  NcbService - ok
20:54:58.0539 0x1700  NcdAutoSetup - ok
20:54:58.0541 0x1700  ndfltr - ok
20:54:58.0552 0x1700  NDIS - ok
20:54:58.0554 0x1700  NdisCap - ok
20:54:58.0556 0x1700  NdisImPlatform - ok
20:54:58.0558 0x1700  NdisTapi - ok
20:54:58.0561 0x1700  Ndisuio - ok
20:54:58.0563 0x1700  NdisVirtualBus - ok
20:54:58.0565 0x1700  NdisWan - ok
20:54:58.0567 0x1700  ndiswanlegacy - ok
20:54:58.0570 0x1700  ndproxy - ok
20:54:58.0572 0x1700  Ndu - ok
20:54:58.0574 0x1700  NetAdapterCx - ok
20:54:58.0576 0x1700  NetBIOS - ok
20:54:58.0579 0x1700  NetBT - ok
20:54:58.0581 0x1700  Netlogon - ok
20:54:58.0585 0x1700  Netman - ok
20:54:58.0588 0x1700  netprofm - ok
20:54:58.0590 0x1700  NetSetupSvc - ok
20:54:58.0632 0x1700  NetTcpPortSharing - ok
20:54:58.0636 0x1700  NgcCtnrSvc - ok
20:54:58.0648 0x1700  NgcSvc - ok
20:54:58.0651 0x1700  NlaSvc - ok
20:54:58.0654 0x1700  Npfs - ok
20:54:58.0656 0x1700  npsvctrig - ok
20:54:58.0659 0x1700  nsi - ok
20:54:58.0661 0x1700  nsiproxy - ok
20:54:58.0676 0x1700  NTFS - ok
20:54:58.0679 0x1700  Null - ok
20:54:58.0704 0x1700  [ 417F5789073BE7B3DE45C308F3C527DF, 5137D7451D8D58BF5D7FFDF83F8C72CAAB05AFE237318FC4E1AE06F4FFE5CBFD ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
20:54:58.0708 0x1700  NVHDA - ok
20:54:59.0007 0x1700  [ DB3FFDB8FB4D08E834B54B858D50DDBE, 3D6437E72FF96BACE0EC1C19C227800E3A6A89239630D71E1D46E0B3AA6CE40C ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d3851cb7c8216f9e\nvlddmkm.sys
20:54:59.0173 0x1700  nvlddmkm - ok
20:54:59.0274 0x1700  [ 020F45E362D3B57CCC5735582BB1A6EC, E2D953CEF208528382153D06FED8394BEB52657C547E4D2D2954E537C9A382DC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:54:59.0321 0x1700  NvNetworkService - ok
20:54:59.0325 0x1700  nvraid - ok
20:54:59.0327 0x1700  nvstor - ok
20:54:59.0371 0x1700  [ F82BCEB9F57B2959F6AAE2A3DDA892A8, 5B02C74BAF0E12B84F239B1449DAA955B28BD5BA7D35D315DB57F45E042E0DB3 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:54:59.0372 0x1700  NvStreamKms - ok
20:54:59.0448 0x1700  [ 9209D57C1AA24841EF8D5DE6A5B2AAEB, C1A53621F5361DCE9C962A9B9B586D1904901C9EC20EFCA76C40ADCD98BEDF3C ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
20:54:59.0510 0x1700  NvStreamNetworkSvc - ok
20:54:59.0591 0x1700  [ 0EDF9504CA5174075BA5902AFC1F57C8, 8E210E71BA91813D3BB6B59E5F6AD0889711336AD12B1B1C67CCC882A6ED3E53 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
20:54:59.0647 0x1700  NvStreamSvc - ok
20:54:59.0691 0x1700  [ 403522070F1C1020B9EB862ED989CD87, 01A63D0DA8B47DDE9D2FCF5923529FCA5ABF4154CFFA6D0E10087E3CA5477436 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:54:59.0738 0x1700  nvsvc - ok
20:54:59.0765 0x1700  [ 38175904276F86EA4704EC13B77FB4B0, 4965BCF17E3D9EE4CE2E4DC158C5E7179C3ABBAE9D640FBCFFBCA973F21DDDF6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:54:59.0767 0x1700  nvvad_WaveExtensible - ok
20:54:59.0789 0x1700  OneSyncSvc - ok
20:54:59.0800 0x1700  p2pimsvc - ok
20:54:59.0802 0x1700  p2psvc - ok
20:54:59.0804 0x1700  Parport - ok
20:54:59.0819 0x1700  partmgr - ok
20:54:59.0822 0x1700  PcaSvc - ok
20:54:59.0843 0x1700  [ D723D2C98598B0DF5832427740B2825D, C2B26A1F4FA2B43D842954403F134908D77892FF4BF7F320D692E685846D5C97 ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:54:59.0848 0x1700  pci - ok
20:54:59.0864 0x1700  pciide - ok
20:54:59.0867 0x1700  pcmcia - ok
20:54:59.0869 0x1700  pcw - ok
20:54:59.0882 0x1700  pdc - ok
20:54:59.0901 0x1700  PEAUTH - ok
20:54:59.0904 0x1700  percsas2i - ok
20:54:59.0906 0x1700  percsas3i - ok
20:54:59.0963 0x1700  PerfHost - ok
20:54:59.0991 0x1700  PhoneSvc - ok
20:55:00.0016 0x1700  PimIndexMaintenanceSvc - ok
20:55:00.0019 0x1700  pla - ok
20:55:00.0025 0x1700  PlugPlay - ok
20:55:00.0027 0x1700  PNRPAutoReg - ok
20:55:00.0029 0x1700  PNRPsvc - ok
20:55:00.0035 0x1700  PolicyAgent - ok
20:55:00.0038 0x1700  Power - ok
20:55:00.0040 0x1700  PptpMiniport - ok
20:55:00.0132 0x1700  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:55:00.0309 0x1700  PrintNotify - ok
20:55:00.0315 0x1700  Processor - ok
20:55:00.0328 0x1700  ProfSvc - ok
20:55:00.0343 0x1700  Psched - ok
20:55:00.0345 0x1700  QWAVE - ok
20:55:00.0347 0x1700  QWAVEdrv - ok
20:55:00.0349 0x1700  RasAcd - ok
20:55:00.0352 0x1700  RasAgileVpn - ok
20:55:00.0355 0x1700  RasAuto - ok
20:55:00.0357 0x1700  Rasl2tp - ok
20:55:00.0379 0x1700  RasMan - ok
20:55:00.0380 0x1700  RasPppoe - ok
20:55:00.0382 0x1700  RasSstp - ok
20:55:00.0393 0x1700  rdbss - ok
20:55:00.0397 0x1700  rdpbus - ok
20:55:00.0399 0x1700  RDPDR - ok
20:55:00.0445 0x1700  RdpVideoMiniport - ok
20:55:00.0447 0x1700  rdyboost - ok
20:55:00.0452 0x1700  ReFSv1 - ok
20:55:00.0469 0x1700  RemoteAccess - ok
20:55:00.0472 0x1700  RemoteRegistry - ok
20:55:00.0479 0x1700  RetailDemo - ok
20:55:00.0481 0x1700  RmSvc - ok
20:55:00.0483 0x1700  RpcEptMapper - ok
20:55:00.0496 0x1700  RpcLocator - ok
20:55:00.0499 0x1700  RpcSs - ok
20:55:00.0500 0x1700  rspndr - ok
20:55:00.0504 0x1700  s3cap - ok
20:55:00.0537 0x1700  SamSs - ok
20:55:00.0555 0x1700  [ 6D6E490C65D2E222BF51B02D45C1C26A, 2780D239823C14BC42965E8E0034E98F300AEF222B09F02BC00DDA527A86E666 ] Samsung Network Fax Server C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe
20:55:00.0563 0x1700  Samsung Network Fax Server - ok
20:55:00.0566 0x1700  Samsung Printer Dianostics Service - ok
20:55:00.0589 0x1700  [ CCFCF96CB350DA48AFDCB221CA999ADA, 7E5490652E367D1EA0400ED95788AFB4E067373E5F8BF73165B7F7FDE20D1B27 ] SamsungUPDUtilSvc C:\WINDOWS\SysWoW64\SecUPDUtilSvc.exe
20:55:00.0597 0x1700  SamsungUPDUtilSvc - ok
20:55:00.0600 0x1700  sbp2port - ok
20:55:00.0603 0x1700  SCardSvr - ok
20:55:00.0629 0x1700  ScDeviceEnum - ok
20:55:00.0631 0x1700  scfilter - ok
20:55:00.0633 0x1700  Schedule - ok
20:55:00.0636 0x1700  scmbus - ok
20:55:00.0639 0x1700  scmdisk0101 - ok
20:55:00.0650 0x1700  SCPolicySvc - ok
20:55:00.0661 0x1700  sdbus - ok
20:55:00.0663 0x1700  SDRSVC - ok
20:55:00.0665 0x1700  sdstor - ok
20:55:00.0667 0x1700  seclogon - ok
20:55:00.0684 0x1700  [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64     C:\WINDOWS\system32\drivers\semav6msr64.sys
20:55:00.0686 0x1700  semav6msr64 - ok
20:55:00.0689 0x1700  SENS - ok
20:55:00.0697 0x1700  SensorDataService - ok
20:55:00.0714 0x1700  SensorService - ok
20:55:00.0716 0x1700  SensrSvc - ok
20:55:00.0718 0x1700  SerCx - ok
20:55:00.0721 0x1700  SerCx2 - ok
20:55:00.0723 0x1700  Serenum - ok
20:55:00.0725 0x1700  Serial - ok
20:55:00.0727 0x1700  sermouse - ok
20:55:00.0734 0x1700  SessionEnv - ok
20:55:00.0737 0x1700  sfloppy - ok
20:55:00.0760 0x1700  SharedAccess - ok
20:55:00.0764 0x1700  ShellHWDetection - ok
20:55:00.0775 0x1700  shpamsvc - ok
20:55:00.0777 0x1700  SiSRaid2 - ok
20:55:00.0780 0x1700  SiSRaid4 - ok
20:55:00.0805 0x1700  [ 4C51055DA5FF23500EA6FE587EBE26E6, AD2B90FBE4B7989E7715BC566DDE012DE65C1173392232E039A4AAD368AF5075 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
20:55:00.0806 0x1700  SmbDrvI - ok
20:55:00.0828 0x1700  smphost - ok
20:55:00.0830 0x1700  SmsRouter - ok
20:55:00.0840 0x1700  SNMPTRAP - ok
20:55:00.0909 0x1700  [ 43AC4C5CC233BCE9D7C46DA0E7EC0676, DC41B118A43A5B8401FA4848DD113976077A32147944FD948AA61AFDF6639E5B ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:55:00.0916 0x1700  spaceport - ok
20:55:00.0921 0x1700  SpbCx - ok
20:55:00.0923 0x1700  Spooler - ok
20:55:00.0926 0x1700  sppsvc - ok
20:55:00.0937 0x1700  srv - ok
20:55:00.0948 0x1700  srv2 - ok
20:55:00.0954 0x1700  srvnet - ok
20:55:00.0963 0x1700  SSDPSRV - ok
20:55:00.0978 0x1700  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
20:55:00.0979 0x1700  SSPORT - ok
20:55:00.0982 0x1700  SstpSvc - ok
20:55:01.0001 0x1700  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:55:01.0005 0x1700  ssudmdm - ok
20:55:01.0020 0x1700  StateRepository - ok
20:55:01.0087 0x1700  [ 8AD39F3C6C0ACD29D875905C5F20E6DA, 414053EFA8F4730F5ABB25C5ECA10695A04087471754A22F6B25EED9955A3B09 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
20:55:01.0098 0x1700  Stereo Service - ok
20:55:01.0104 0x1700  stexstor - ok
20:55:01.0110 0x1700  stisvc - ok
20:55:01.0132 0x1700  [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:55:01.0136 0x1700  storahci - ok
20:55:01.0139 0x1700  storflt - ok
20:55:01.0150 0x1700  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:55:01.0152 0x1700  stornvme - ok
20:55:01.0155 0x1700  storqosflt - ok
20:55:01.0170 0x1700  StorSvc - ok
20:55:01.0173 0x1700  storufs - ok
20:55:01.0176 0x1700  storvsc - ok
20:55:01.0179 0x1700  svsvc - ok
20:55:01.0182 0x1700  swenum - ok
20:55:01.0186 0x1700  swprv - ok
20:55:01.0209 0x1700  Synth3dVsc - ok
20:55:01.0212 0x1700  SysMain - ok
20:55:01.0217 0x1700  SystemEventsBroker - ok
20:55:01.0266 0x1700  [ 2BE3A44B764D6C43CBF4650E862CB807, 78920DA47F3A0C26503FB62EF159455A860E57A9A39C72AEE23A9324168EC1D2 ] SystemUsageReportSvc_WILLAMETTE C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
20:55:01.0268 0x1700  SystemUsageReportSvc_WILLAMETTE - ok
20:55:01.0284 0x1700  TabletInputService - ok
20:55:01.0287 0x1700  TapiSrv - ok
20:55:01.0293 0x1700  Tcpip - ok
20:55:01.0295 0x1700  Tcpip6 - ok
20:55:01.0310 0x1700  tcpipreg - ok
20:55:01.0314 0x1700  tdx - ok
20:55:01.0317 0x1700  terminpt - ok
20:55:01.0321 0x1700  TermService - ok
20:55:01.0324 0x1700  Themes - ok
20:55:01.0342 0x1700  TieringEngineService - ok
20:55:01.0344 0x1700  tiledatamodelsvc - ok
20:55:01.0347 0x1700  TimeBrokerSvc - ok
20:55:01.0378 0x1700  [ 3D04046C468AD2868A093925B5E2AA0A, 44696259BEF49AC200DEE146DE0E4375B0CD09F9356CCFA22BD7AD8B53E48658 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:55:01.0383 0x1700  TPM - ok
20:55:01.0387 0x1700  TrkWks - ok
20:55:01.0399 0x1700  TrustedInstaller - ok
20:55:01.0403 0x1700  tsusbflt - ok
20:55:01.0407 0x1700  TsUsbGD - ok
20:55:01.0410 0x1700  tunnel - ok
20:55:01.0434 0x1700  tzautoupdate - ok
20:55:01.0437 0x1700  UASPStor - ok
20:55:01.0440 0x1700  UcmCx0101 - ok
20:55:01.0463 0x1700  UcmTcpciCx0101 - ok
20:55:01.0466 0x1700  UcmUcsi - ok
20:55:01.0469 0x1700  Ucx01000 - ok
20:55:01.0472 0x1700  UdeCx - ok
20:55:01.0475 0x1700  udfs - ok
20:55:01.0480 0x1700  UEFI - ok
20:55:01.0482 0x1700  Ufx01000 - ok
20:55:01.0485 0x1700  UfxChipidea - ok
20:55:01.0489 0x1700  ufxsynopsys - ok
20:55:01.0496 0x1700  UI0Detect - ok
20:55:01.0499 0x1700  umbus - ok
20:55:01.0502 0x1700  UmPass - ok
20:55:01.0506 0x1700  UmRdpService - ok
20:55:01.0509 0x1700  UnistoreSvc - ok
20:55:01.0530 0x1700  upnphost - ok
20:55:01.0532 0x1700  UrsChipidea - ok
20:55:01.0534 0x1700  UrsCx01000 - ok
20:55:01.0537 0x1700  UrsSynopsys - ok
20:55:01.0543 0x1700  usbaudio - ok
20:55:01.0546 0x1700  usbccgp - ok
20:55:01.0548 0x1700  usbcir - ok
20:55:01.0551 0x1700  usbehci - ok
20:55:01.0553 0x1700  usbhub - ok
20:55:01.0556 0x1700  USBHUB3 - ok
20:55:01.0559 0x1700  usbohci - ok
20:55:01.0562 0x1700  usbprint - ok
20:55:01.0584 0x1700  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:55:01.0586 0x1700  usbscan - ok
20:55:01.0589 0x1700  usbser - ok
20:55:01.0603 0x1700  USBSTOR - ok
20:55:01.0605 0x1700  usbuhci - ok
20:55:01.0608 0x1700  USBXHCI - ok
20:55:01.0610 0x1700  UserDataSvc - ok
20:55:01.0637 0x1700  UserManager - ok
20:55:01.0701 0x1700  [ F4D8F67474DDA4FEF3935393AAA0173F, 5EB1700895E33972816DE4C2B920769CCE5580B83CAB8B2D7A8A6264F3A42B80 ] USER_ESRV_SVC_WILLAMETTE C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
20:55:01.0707 0x1700  USER_ESRV_SVC_WILLAMETTE - ok
20:55:01.0726 0x1700  UsoSvc - ok
20:55:01.0745 0x1700  VaultSvc - ok
20:55:01.0784 0x1700  [ 0EB68D00C7D3825EBCB8C47018FE2A93, 6A5E675A76AA86ED3C21247D54D4B767BA44D6785DE83FB7946EAD893A9FD5DF ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
20:55:01.0795 0x1700  VBoxDrv - ok
20:55:01.0823 0x1700  [ 82902F80FADDC9BE4AFDAE63430827EE, DEED31F02F68B3E3A9414147F71373F73B195205FAEC3606B5540AE29762A3D1 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
20:55:01.0826 0x1700  VBoxUSBMon - ok
20:55:01.0829 0x1700  vdrvroot - ok
20:55:01.0831 0x1700  vds - ok
20:55:01.0834 0x1700  VerifierExt - ok
20:55:01.0836 0x1700  vhdmp - ok
20:55:01.0839 0x1700  vhf - ok
20:55:01.0841 0x1700  vmbus - ok
20:55:01.0843 0x1700  VMBusHID - ok
20:55:01.0846 0x1700  vmgid - ok
20:55:01.0849 0x1700  vmicguestinterface - ok
20:55:01.0851 0x1700  vmicheartbeat - ok
20:55:01.0854 0x1700  vmickvpexchange - ok
20:55:01.0876 0x1700  vmicrdv - ok
20:55:01.0878 0x1700  vmicshutdown - ok
20:55:01.0881 0x1700  vmictimesync - ok
20:55:01.0883 0x1700  vmicvmsession - ok
20:55:01.0885 0x1700  vmicvss - ok
20:55:01.0889 0x1700  volmgr - ok
20:55:01.0891 0x1700  volmgrx - ok
20:55:01.0894 0x1700  volsnap - ok
20:55:01.0896 0x1700  volume - ok
20:55:01.0909 0x1700  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:55:01.0911 0x1700  vpci - ok
20:55:01.0914 0x1700  vsmraid - ok
20:55:01.0916 0x1700  VSS - ok
20:55:01.0918 0x1700  VSTXRAID - ok
20:55:01.0922 0x1700  vwifibus - ok
20:55:01.0925 0x1700  vwififlt - ok
20:55:01.0927 0x1700  W32Time - ok
20:55:01.0930 0x1700  WacomPen - ok
20:55:01.0938 0x1700  WalletService - ok
20:55:01.0942 0x1700  wanarp - ok
20:55:01.0945 0x1700  wanarpv6 - ok
20:55:01.0949 0x1700  wbengine - ok
20:55:02.0033 0x1700  WbioSrvc - ok
20:55:02.0044 0x1700  wcifs - ok
20:55:02.0069 0x1700  Wcmsvc - ok
20:55:02.0079 0x1700  wcncsvc - ok
20:55:02.0081 0x1700  wcnfs - ok
20:55:02.0084 0x1700  WdBoot - ok
20:55:02.0109 0x1700  Wdf01000 - ok
20:55:02.0114 0x1700  WdFilter - ok
20:55:02.0118 0x1700  WdiServiceHost - ok
20:55:02.0121 0x1700  WdiSystemHost - ok
20:55:02.0201 0x1700  wdiwifi - ok
20:55:02.0204 0x1700  WdNisDrv - ok
20:55:02.0218 0x1700  WdNisSvc - ok
20:55:02.0262 0x1700  WebClient - ok
20:55:02.0270 0x1700  Wecsvc - ok
20:55:02.0273 0x1700  WEPHOSTSVC - ok
20:55:02.0279 0x1700  wercplsupport - ok
20:55:02.0282 0x1700  WerSvc - ok
20:55:02.0284 0x1700  WFPLWFS - ok
20:55:02.0287 0x1700  WiaRpc - ok
20:55:02.0289 0x1700  WIMMount - ok
20:55:02.0291 0x1700  WinDefend - ok
20:55:02.0297 0x1700  WindowsTrustedRT - ok
20:55:02.0299 0x1700  WindowsTrustedRTProxy - ok
20:55:02.0302 0x1700  WinHttpAutoProxySvc - ok
20:55:02.0306 0x1700  WinMad - ok
20:55:02.0331 0x1700  Winmgmt - ok
20:55:02.0338 0x1700  WinRM - ok
20:55:02.0343 0x1700  WINUSB - ok
20:55:02.0345 0x1700  WinVerbs - ok
20:55:02.0351 0x1700  wisvc - ok
20:55:02.0353 0x1700  WlanSvc - ok
20:55:02.0356 0x1700  wlidsvc - ok
20:55:02.0358 0x1700  WmiAcpi - ok
20:55:02.0362 0x1700  wmiApSrv - ok
20:55:02.0382 0x1700  Wof - ok
20:55:02.0387 0x1700  workfolderssvc - ok
20:55:02.0390 0x1700  WPDBusEnum - ok
20:55:02.0392 0x1700  WpdUpFltr - ok
20:55:02.0395 0x1700  WpnService - ok
20:55:02.0397 0x1700  WpnUserService - ok
20:55:02.0402 0x1700  ws2ifsl - ok
20:55:02.0405 0x1700  wscsvc - ok
20:55:02.0407 0x1700  WSearch - ok
20:55:02.0427 0x1700  wuauserv - ok
20:55:02.0429 0x1700  WudfPf - ok
20:55:02.0432 0x1700  WUDFRd - ok
20:55:02.0435 0x1700  wudfsvc - ok
20:55:02.0438 0x1700  WUDFWpdFs - ok
20:55:02.0441 0x1700  WUDFWpdMtp - ok
20:55:02.0445 0x1700  WwanSvc - ok
20:55:02.0475 0x1700  XblAuthManager - ok
20:55:02.0497 0x1700  XblGameSave - ok
20:55:02.0500 0x1700  xboxgip - ok
20:55:02.0503 0x1700  XboxNetApiSvc - ok
20:55:02.0518 0x1700  xinputhid - ok
20:55:02.0520 0x1700  ================ Scan global ===============================
20:55:02.0551 0x1700  [ Global ] - ok
20:55:02.0551 0x1700  ================ Scan MBR ==================================
20:55:02.0682 0x1700  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:55:02.0701 0x1700  \Device\Harddisk0\DR0 - ok
20:55:02.0704 0x1700  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:55:04.0258 0x1700  \Device\Harddisk1\DR1 - ok
20:55:04.0259 0x1700  ================ Scan VBR ==================================
20:55:04.0260 0x1700  [ 587AF438E07D18A66A9D67581F1981EB ] \Device\Harddisk0\DR0\Partition1
20:55:04.0261 0x1700  \Device\Harddisk0\DR0\Partition1 - ok
20:55:04.0273 0x1700  [ F0A90E9E1E864AEFDA1825C06612C4D3 ] \Device\Harddisk0\DR0\Partition2
20:55:04.0273 0x1700  \Device\Harddisk0\DR0\Partition2 - ok
20:55:04.0278 0x1700  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:55:04.0278 0x1700  \Device\Harddisk0\DR0\Partition3 - ok
20:55:04.0287 0x1700  [ A7CF1CA9CA68F8942F604E2D195C4202 ] \Device\Harddisk0\DR0\Partition4
20:55:04.0288 0x1700  \Device\Harddisk0\DR0\Partition4 - ok
20:55:04.0302 0x1700  [ EBA3075488927C8178708E4E210BFE37 ] \Device\Harddisk0\DR0\Partition5
20:55:04.0303 0x1700  \Device\Harddisk0\DR0\Partition5 - ok
20:55:04.0330 0x1700  [ F7E3ECACEDF1938DFBA4EBBA4AED0F37 ] \Device\Harddisk0\DR0\Partition6
20:55:04.0331 0x1700  \Device\Harddisk0\DR0\Partition6 - ok
20:55:04.0332 0x1700  [ DC05028BBC79DC633D20D6BDA346CAA2 ] \Device\Harddisk1\DR1\Partition1
20:55:04.0333 0x1700  \Device\Harddisk1\DR1\Partition1 - ok
20:55:04.0333 0x1700  ================ Scan generic autorun ======================
20:55:04.0561 0x1700  [ 7F6A71A4E0C8D99679C780F4AF2AE8CD, ADB754096A0C74632BA8FF1014CCB6C5CE69CD60F1C8B7256F29900D51D2766F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:55:04.0656 0x1700  RTHDVCPL - ok
20:55:04.0701 0x1700  [ BE1D49B34D9B43F2EAA62D861160E7A8, F8F7FFBC2EB37442DA528A128F989A5F440822F363CAFC6AFEAD1492B7FB83C5 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:55:04.0717 0x1700  RtHDVBg - ok
20:55:04.0757 0x1700  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
20:55:04.0758 0x1700  IAStorIcon - ok
20:55:04.0826 0x1700  [ 94A8196066774252DF015EEDF02CCA44, AD2DFDA427E3CCB5C8404F0AFAFE71C64B862D2E26A67E1BFC2B40738FD0B873 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:55:04.0852 0x1700  NvBackend - ok
20:55:04.0869 0x1700  ShadowPlay - ok
20:55:04.0905 0x1700  [ 8CC5E4DB25E4C22A308E2820E69D4950, A53BBE06FF226DA7E37C3ADA881AF4F856E439553DFA7D10DDECB07196545B39 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
20:55:04.0910 0x1700  CDAServer - ok
20:55:04.0986 0x1700  [ FE18DDEA98D90DBF850AFCA0158ABEC8, 8EC0099B560CC23DA6D26A71A202667D1A7C4BC37CE0F9F3458EA40440541D06 ] C:\Program Files\Everything\Everything.exe
20:55:05.0030 0x1700  Everything - ok
20:55:05.0267 0x1700  [ CC84336ECBD7A97CEE502360AF5CE915, 6B87ACFC8E7628A422F3089BACFB1BA90C1A1F7C883986CFFD1E8DC1BB5A0FCA ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:55:05.0365 0x1700  AvastUI.exe - ok
20:55:05.0419 0x1700  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:55:05.0443 0x1700  SunJavaUpdateSched - ok
20:55:05.0486 0x1700  [ 38D4D7458D381954C24F648A608AA820, 14AFA13E50CE9A29EF4B9F3E316605346F9251C0DAEBF735B7F8A64EC1CE59C6 ] C:\Program Files\AVAST Software\Avast\aswRunDll.exe
20:55:05.0504 0x1700  20161024 - ok
20:55:05.0564 0x1700  OneDriveSetup - ok
20:55:05.0565 0x1700  OneDriveSetup - ok
20:55:05.0727 0x1700  [ A70E699E0B0DD9C2B3B35E9A8167F903, 6CC7AFFEED646AA9C46C709C8B36751CA9EBCDDC70438ECE1D1328E6C1A02421 ] C:\Program Files\CCleaner\CCleaner64.exe
20:55:05.0831 0x1700  CCleaner Monitoring - ok
20:55:05.0946 0x1700  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:55:05.0971 0x1700  OneDrive - ok
20:55:06.0024 0x1700  [ DC3DB64A7F934F7941484FEB19380226, 8C00CAC91099B69ACE0F44894D8705CE8C3F0B4362E844A92566FD8902978333 ] C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe
20:55:06.0031 0x1700  STUISpeedLauncher - ok
20:55:06.0043 0x1700  Uninstall C:\Users\hannibla34\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64 - ok
20:55:06.0043 0x1700  Waiting for KSN requests completion. In queue: 51
20:55:07.0064 0x1700  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
20:55:07.0065 0x1700  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
20:55:07.0071 0x1700  Win FW state via NFP2: enabled ( trusted )
20:55:07.0235 0x1700  ============================================================
20:55:07.0235 0x1700  Scan finished
20:55:07.0235 0x1700  ============================================================
20:55:07.0244 0x20dc  Detected object count: 0
20:55:07.0244 0x20dc  Actual detected object count: 0
20:59:48.0786 0x2184  Deinitialize success
         

30.10.2016, 18:10   #13
deeprybka
/// TB Trainer
/// Guide Guru

In addition, the scan was not carried out according to the instructions. Please repeat it.
__________________
Regards,
deeprybka
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

30.10.2016, 18:29   #14
krautsand

Code:
ATTFilter
18:20:35.0658 0x0344  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
18:20:35.0658 0x0344  UEFI system
18:20:39.0752 0x0344  ============================================================
18:20:39.0752 0x0344  Current date / time: 2016/10/30 18:20:39.0752
18:20:39.0752 0x0344  SystemInfo:
18:20:39.0752 0x0344  
18:20:39.0752 0x0344  OS Version: 10.0.14393 ServicePack: 0.0
18:20:39.0752 0x0344  Product type: Workstation
18:20:39.0752 0x0344  ComputerName: WO
18:20:39.0752 0x0344  UserName: hannibla34
18:20:39.0752 0x0344  Windows directory: C:\WINDOWS
18:20:39.0752 0x0344  System windows directory: C:\WINDOWS
18:20:39.0752 0x0344  Running under WOW64
18:20:39.0752 0x0344  Processor architecture: Intel x64
18:20:39.0752 0x0344  Number of processors: 8
18:20:39.0752 0x0344  Page size: 0x1000
18:20:39.0752 0x0344  Boot type: Normal boot
18:20:39.0752 0x0344  CodeIntegrityOptions = 0x00000001
18:20:39.0752 0x0344  ============================================================
18:20:40.0174 0x0344  KLMD registered as C:\WINDOWS\system32\drivers\42561351.sys
18:20:40.0174 0x0344  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.351, osProperties = 0x19
18:20:40.0518 0x0344  System UUID: {3F8E22D3-6932-8A58-EF4E-56EC65BDDB2D}
18:20:41.0112 0x0344  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:20:41.0127 0x0344  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:20:46.0284 0x0344  ============================================================
18:20:46.0284 0x0344  \Device\Harddisk0\DR0:
18:20:46.0284 0x0344  GPT partitions:
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A87557AB-C51B-4C81-A8FC-3238F1BE4911}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x190000
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {442E0D00-58E8-4B54-BEC3-3295F0F195A3}, Name: EFI system partition, StartLBA 0x190800, BlocksNum 0x82000
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4B05466C-2242-4D97-AAC9-A12E5E0953B1}, Name: Microsoft reserved partition, StartLBA 0x212800, BlocksNum 0x40000
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {854EB602-EB6C-4F29-8747-355D62CA0D02}, Name: Basic data partition, StartLBA 0x252800, BlocksNum 0x12C00000
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3E25A1E3-9C34-4CFB-866B-31769D6D5425}, Name: Basic data partition, StartLBA 0x12E52800, BlocksNum 0x5F96D800
18:20:46.0315 0x0344  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6A62A54D-E3A4-441B-8B72-187100569643}, Name: Basic data partition, StartLBA 0x727C0000, BlocksNum 0x1F46800
18:20:46.0315 0x0344  MBR partitions:
18:20:46.0315 0x0344  \Device\Harddisk1\DR1:
18:20:46.0315 0x0344  MBR partitions:
18:20:46.0315 0x0344  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x40, BlocksNum 0x4A856E81
18:20:46.0315 0x0344  ============================================================
18:20:46.0330 0x0344  C: <-> \Device\Harddisk0\DR0\Partition4
18:20:46.0346 0x0344  D: <-> \Device\Harddisk0\DR0\Partition5
18:20:46.0346 0x0344  M: <-> \Device\Harddisk1\DR1\Partition1
18:20:46.0346 0x0344  ============================================================
18:20:46.0346 0x0344  Initialize success
18:20:46.0346 0x0344  ============================================================
18:24:20.0739 0x23d8  ============================================================
18:24:20.0739 0x23d8  Scan started
18:24:20.0739 0x23d8  Mode: Manual; SigCheck; TDLFS; 
18:24:20.0739 0x23d8  ============================================================
18:24:20.0739 0x23d8  KSN ping started
18:24:20.0864 0x23d8  KSN ping finished: true
18:24:22.0739 0x23d8  ================ Scan system memory ========================
18:24:22.0739 0x23d8  System memory - ok
18:24:22.0739 0x23d8  ================ Scan services =============================
18:24:22.0864 0x23d8  1394ohci - ok
18:24:22.0880 0x23d8  3ware - ok
18:24:22.0895 0x23d8  ACPI - ok
18:24:22.0911 0x23d8  AcpiDev - ok
18:24:22.0911 0x23d8  acpiex - ok
18:24:22.0927 0x23d8  acpipagr - ok
18:24:22.0958 0x23d8  AcpiPmi - ok
18:24:22.0958 0x23d8  acpitime - ok
18:24:23.0005 0x23d8  [ DC00FD73505DAEDD99CAF4533B0C05BD, 2863D1F0587B79254FBE093C191C73892768CF2AC59BEF97745EE66CEE3473AF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:24:23.0067 0x23d8  AdobeARMservice - ok
18:24:23.0161 0x23d8  [ 16D11D2CA3F2078F553E0C3A70A4F050, 51EEA7EFBE122D3FEB2F8487F5A45166A0C4963314B28840C3C404479B4E1849 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:24:23.0208 0x23d8  AdobeFlashPlayerUpdateSvc - ok
18:24:23.0208 0x23d8  ADP80XX - ok
18:24:23.0208 0x23d8  AFD - ok
18:24:23.0223 0x23d8  ahcache - ok
18:24:23.0255 0x23d8  [ 2C37AD878725987DF1A31B3899CB7FD7, B9161DCD5374FA546C4E1D5FBD69788028BC60BA84E67DE7F49B0B7CDD12B097 ] AiChargerDT     C:\WINDOWS\syswow64\drivers\AiChargerDT.sys
18:24:23.0302 0x23d8  AiChargerDT - ok
18:24:23.0317 0x23d8  AJRouter - ok
18:24:23.0333 0x23d8  ALG - ok
18:24:23.0333 0x23d8  AmdK8 - ok
18:24:23.0348 0x23d8  AmdPPM - ok
18:24:23.0348 0x23d8  amdsata - ok
18:24:23.0348 0x23d8  amdsbs - ok
18:24:23.0348 0x23d8  amdxata - ok
18:24:23.0380 0x23d8  [ 809D92855656EFC1D71C980582F7FF8B, 01B551CEC0CFD50CA88EB49AA3F68EEEAE34DFE31E6CA37DA106B3C49CF7FA81 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
18:24:23.0442 0x23d8  AmUStor - ok
18:24:23.0458 0x23d8  AppID - ok
18:24:23.0458 0x23d8  AppIDSvc - ok
18:24:23.0473 0x23d8  Appinfo - ok
18:24:23.0505 0x23d8  applockerfltr - ok
18:24:23.0520 0x23d8  AppReadiness - ok
18:24:23.0536 0x23d8  AppXSvc - ok
18:24:23.0552 0x23d8  arcsas - ok
18:24:23.0552 0x23d8  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
18:24:23.0598 0x23d8  AsIO - ok
18:24:23.0630 0x23d8  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\WINDOWS\syswow64\drivers\AsUpIO.sys
18:24:23.0661 0x23d8  AsUpIO - ok
18:24:23.0692 0x23d8  [ 9B480B472D6826E7257C90E2D0EE2954, C52C198602D180011A9345AE6F108EC4B1FD91234AF2E6296B2E39C1888B0D4D ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
18:24:23.0755 0x23d8  aswHwid - ok
18:24:23.0770 0x23d8  [ 06362BBA1347CBA0996F4B39BB1D8353, 0C6B7B085F13FB7C71E2AF481CD216C6ACB63577DC7E2793182F734378C141DA ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
18:24:23.0802 0x23d8  aswKbd - ok
18:24:23.0817 0x23d8  [ 1BB00571CC2C78463ABD7E9C32970758, BF523468754CB1628D66F28B06FAF7C545C5724801B04888517A2FB4BF9582BF ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:24:23.0864 0x23d8  aswMonFlt - ok
18:24:23.0880 0x23d8  [ 7010B57D708DA5C9686A5923EE621776, 5A554B8941C156EC341C602F34679A7475802B19EE6A99AA29AE2628A123ECB1 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
18:24:23.0942 0x23d8  aswRdr - ok
18:24:23.0958 0x23d8  [ 937885085BFE5BD08EC1BC0245DD203B, 6DDD89245EEA3B8106C5F2EB6FA8CF525F3B42AA7032276DE78953E06FE7F4B4 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
18:24:24.0005 0x23d8  aswRvrt - ok
18:24:24.0067 0x23d8  [ 0B6352251C5D84130DF4252D33D266C2, C6A2E0074A7FCFB5799949431F5660B9AF6441001EA9B609F7B3900F4007EBD0 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
18:24:24.0161 0x23d8  aswSnx - ok
18:24:24.0208 0x23d8  [ 28213B34725B18387CC1B8C3D73858A1, D86113D89C62F090B393B68B522581248AEF3568F8FD0FF86B3625F2E6DD4DB8 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
18:24:24.0255 0x23d8  aswSP - ok
18:24:24.0302 0x23d8  [ 9C58B6E9663D0A76D00D83E43C765BDF, 3F474932E77318CD450A3A9C89667D2B26A7E3FAB9AA95D97FF3B1979623A7F2 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
18:24:24.0333 0x23d8  aswStm - ok
18:24:24.0364 0x23d8  [ E4ABC023E251D2BB6B98C9FCAF5CF16D, 2A94320A3EF16E641B693BF6EABABB57C891B914B00F73ACD7ADB8CA5089EC40 ] aswTap          C:\WINDOWS\System32\drivers\aswTap.sys
18:24:24.0395 0x23d8  aswTap - ok
18:24:24.0442 0x23d8  [ D60D9201739400F0FBDB9E36A3212D91, 01A17516AB7F4D2C72E2DC51F7B49D1C4F50F564992F78A71E73821D7F8220E7 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
18:24:24.0505 0x23d8  aswVmm - ok
18:24:24.0520 0x23d8  AsyncMac - ok
18:24:24.0520 0x23d8  atapi - ok
18:24:24.0536 0x23d8  AudioEndpointBuilder - ok
18:24:24.0552 0x23d8  Audiosrv - ok
18:24:24.0630 0x23d8  [ F4E0580B5789474385E7ACB189C4AF2C, DB5BE2C852AC102AB8EB186362E582E250B843BA52B3B71AF08A5FDA8A6F91AF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:24:24.0661 0x23d8  avast! Antivirus - ok
18:24:24.0692 0x23d8  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:24:24.0739 0x23d8  avgntflt - ok
18:24:24.0755 0x23d8  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:24:24.0786 0x23d8  avipbb - ok
18:24:24.0786 0x23d8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:24:24.0802 0x23d8  avkmgr - ok
18:24:24.0802 0x23d8  AxInstSV - ok
18:24:24.0817 0x23d8  b06bdrv - ok
18:24:24.0817 0x23d8  BasicDisplay - ok
18:24:24.0817 0x23d8  BasicRender - ok
18:24:24.0833 0x23d8  bcmfn - ok
18:24:24.0833 0x23d8  bcmfn2 - ok
18:24:24.0833 0x23d8  BDESVC - ok
18:24:24.0848 0x23d8  Beep - ok
18:24:24.0848 0x23d8  BFE - ok
18:24:24.0864 0x23d8  BITS - ok
18:24:24.0864 0x23d8  bowser - ok
18:24:24.0880 0x23d8  BrokerInfrastructure - ok
18:24:24.0880 0x23d8  Browser - ok
18:24:24.0895 0x23d8  BthAvrcpTg - ok
18:24:24.0895 0x23d8  BthHFEnum - ok
18:24:24.0895 0x23d8  bthhfhid - ok
18:24:24.0911 0x23d8  BthHFSrv - ok
18:24:24.0911 0x23d8  BTHMODEM - ok
18:24:24.0911 0x23d8  bthserv - ok
18:24:24.0911 0x23d8  buttonconverter - ok
18:24:24.0927 0x23d8  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
18:24:25.0083 0x23d8  CapImg - ok
18:24:25.0083 0x23d8  cdfs - ok
18:24:25.0083 0x23d8  CDPSvc - ok
18:24:25.0099 0x23d8  CDPUserSvc - ok
18:24:25.0145 0x23d8  cdrom - ok
18:24:25.0145 0x23d8  CertPropSvc - ok
18:24:25.0161 0x23d8  cht4iscsi - ok
18:24:25.0161 0x23d8  cht4vbd - ok
18:24:25.0177 0x23d8  circlass - ok
18:24:25.0177 0x23d8  CLFS - ok
18:24:25.0177 0x23d8  ClipSVC - ok
18:24:25.0177 0x23d8  clreg - ok
18:24:25.0192 0x23d8  CmBatt - ok
18:24:25.0192 0x23d8  CNG - ok
18:24:25.0192 0x23d8  cnghwassist - ok
18:24:25.0224 0x23d8  CompositeBus - ok
18:24:25.0224 0x23d8  COMSysApp - ok
18:24:25.0224 0x23d8  condrv - ok
18:24:25.0255 0x23d8  CoreMessagingRegistrar - ok
18:24:25.0255 0x23d8  CryptSvc - ok
18:24:25.0255 0x23d8  dam - ok
18:24:25.0270 0x23d8  DcomLaunch - ok
18:24:25.0286 0x23d8  DcpSvc - ok
18:24:25.0286 0x23d8  defragsvc - ok
18:24:25.0302 0x23d8  DeviceAssociationService - ok
18:24:25.0302 0x23d8  DeviceInstall - ok
18:24:25.0302 0x23d8  DevQueryBroker - ok
18:24:25.0317 0x23d8  Dfsc - ok
18:24:25.0333 0x23d8  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:24:25.0380 0x23d8  dg_ssudbus - ok
18:24:25.0411 0x23d8  Dhcp - ok
18:24:25.0442 0x23d8  diagnosticshub.standardcollector.service - ok
18:24:25.0458 0x23d8  DiagTrack - ok
18:24:25.0474 0x23d8  disk - ok
18:24:25.0489 0x23d8  DmEnrollmentSvc - ok
18:24:25.0505 0x23d8  dmvsc - ok
18:24:25.0520 0x23d8  dmwappushservice - ok
18:24:25.0520 0x23d8  Dnscache - ok
18:24:25.0536 0x23d8  dot3svc - ok
18:24:25.0536 0x23d8  DPS - ok
18:24:25.0552 0x23d8  drmkaud - ok
18:24:25.0567 0x23d8  DsmSvc - ok
18:24:25.0567 0x23d8  DsSvc - ok
18:24:25.0583 0x23d8  DXGKrnl - ok
18:24:25.0614 0x23d8  [ 160044DF3554871C42F25DA6EC9017F2, 2E135BB1922C033FBA389635EAEC84E698736096FE93438EF005CD5DD23F7793 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d65x64.sys
18:24:25.0708 0x23d8  e1dexpress - ok
18:24:25.0724 0x23d8  e1iexpress - ok
18:24:25.0739 0x23d8  EapHost - ok
18:24:25.0739 0x23d8  ebdrv - ok
18:24:25.0770 0x23d8  EFS - ok
18:24:25.0770 0x23d8  EhStorClass - ok
18:24:25.0786 0x23d8  EhStorTcgDrv - ok
18:24:25.0786 0x23d8  embeddedmode - ok
18:24:25.0802 0x23d8  EntAppSvc - ok
18:24:25.0802 0x23d8  ErrDev - ok
18:24:25.0817 0x23d8  EventSystem - ok
18:24:25.0817 0x23d8  exfat - ok
18:24:25.0817 0x23d8  fastfat - ok
18:24:25.0833 0x23d8  Fax - ok
18:24:25.0833 0x23d8  fdc - ok
18:24:25.0833 0x23d8  fdPHost - ok
18:24:25.0833 0x23d8  FDResPub - ok
18:24:25.0849 0x23d8  fhsvc - ok
18:24:25.0849 0x23d8  FileCrypt - ok
18:24:25.0864 0x23d8  FileInfo - ok
18:24:25.0864 0x23d8  Filetrace - ok
18:24:25.0864 0x23d8  flpydisk - ok
18:24:25.0864 0x23d8  FltMgr - ok
18:24:25.0880 0x23d8  FontCache - ok
18:24:25.0942 0x23d8  FontCache3.0.0.0 - ok
18:24:26.0083 0x23d8  FrameServer - ok
18:24:26.0099 0x23d8  FsDepends - ok
18:24:26.0114 0x23d8  Fs_Rec - ok
18:24:26.0130 0x23d8  fvevol - ok
18:24:26.0145 0x23d8  gencounter - ok
18:24:26.0145 0x23d8  genericusbfn - ok
18:24:26.0255 0x23d8  [ F78BC07DCED5EDDD6D477E923620F8EA, ABE28155100A38A5E1B58FFC8099EF416145278B440A67B8DAFD7715FE412624 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:24:26.0302 0x23d8  GfExperienceService - ok
18:24:26.0317 0x23d8  GPIOClx0101 - ok
18:24:26.0317 0x23d8  gpsvc - ok
18:24:26.0333 0x23d8  GpuEnergyDrv - ok
18:24:26.0395 0x23d8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:24:26.0427 0x23d8  gupdate - ok
18:24:26.0427 0x23d8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:24:26.0442 0x23d8  gupdatem - ok
18:24:26.0442 0x23d8  HDAudBus - ok
18:24:26.0458 0x23d8  HidBatt - ok
18:24:26.0458 0x23d8  HidBth - ok
18:24:26.0458 0x23d8  hidi2c - ok
18:24:26.0458 0x23d8  hidinterrupt - ok
18:24:26.0458 0x23d8  HidIr - ok
18:24:26.0474 0x23d8  hidserv - ok
18:24:26.0505 0x23d8  HidUsb - ok
18:24:26.0520 0x23d8  HomeGroupListener - ok
18:24:26.0520 0x23d8  HomeGroupProvider - ok
18:24:26.0536 0x23d8  HpSAMD - ok
18:24:26.0552 0x23d8  HTTP - ok
18:24:26.0567 0x23d8  [ 5004E766075BADA25608489A7C649698, 685D6F5B99C06EF091BB126CA3FEADCA3ED3C05DD78B6709AF04A1DD0A030BAE ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
18:24:26.0724 0x23d8  huawei_cdcacm - ok
18:24:26.0755 0x23d8  [ D49D4E7B70AD6B1D04771AC1F7DB79C7, 093D8343CF769FC805308ED357EEF30E3D78569B817A20FE9884863A1FDBC028 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
18:24:26.0833 0x23d8  huawei_enumerator - ok
18:24:26.0864 0x23d8  [ 25002C5DF71CF206569A408B3E0E523C, 49E0938FAFBA828D70DA183B96D2F52A2330A0E59510FC282821C3AD2A42EE46 ] huawei_wwanecm  C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys
18:24:26.0942 0x23d8  huawei_wwanecm - ok
18:24:26.0958 0x23d8  HvHost - ok
18:24:26.0958 0x23d8  hvservice - ok
18:24:41.0364 0x23d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
18:24:41.0364 0x23d8  AV detected via SS2: Avast Antivirus, C:\Program Files\AVAST Software\Avast\wsc_proxy.exe ( 12.3.3154.0 ), 0x41000 ( enabled : updated )
18:24:41.0396 0x23d8  Win FW state via NFP2: enabled ( trusted )
18:24:41.0521 0x23d8  ============================================================
18:24:41.0521 0x23d8  Scan finished
18:24:41.0521 0x23d8  ============================================================
18:24:41.0536 0x2034  Detected object count: 0
18:24:41.0536 0x2034  Actual detected object count: 0
         

Old 30.10.2016, 18:31   #15
deeprybka
/// TB Trainer
/// Tutorial Guru
 
Virus infection? - Default

Virus infection?



Please also run the following scans. If necessary, download the tools to the desktop again:

Step 1

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure that the following items are selected:
    • "Tracing" keys
    • "Prefetch" files
    • Proxy
    • Winsock
    • Internet Explorer policies
    • Chrome policies
  • Confirm the selection with Ok.
  • Click Scan and wait until it has finished.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Step 2

  • Download and instructions
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Under Settings / Detection and Protection, please tick "Scan for rootkits".
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, move all findings (if any) to quarantine. To do this, click Remove Selected.
  • If prompted, let your computer restart to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt with your next reply.

Now please run a detection scan:

Step 3

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit systems also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
