| |
| |||||||
Log-Analyse und Auswertung: WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.05.2017, 18:01
| #1 |
 |  WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Hallo, ich bekomme seit einigen Tagen von Web.de E-Mails mit folgenden Titel: "WEB.DE Mailer Daemon" und dem Inhalt "Mail delivery failed...", obwohl ich selbst keine E-Mails verschickt habe. Zudem bekomme ich seitdem auch überdurchschnittlich viele Spam Mails. Ich würde nun gerne wissen, ob das bedeutet, dass mein E-Mail Account gehacked wurde und dass jemand über meinen Account Spam-Nachrichten verschickt und wie ich dagegen vorgehen kann. Und ob ich jetzt gegebenenfalls einen Virus auf meinem Computer habe. Ich habe bereits mein E-Mail Passwort geändert, das hat allerdings nicht geholfen. Über Hilfe würde ich mich sehr freuen. Vielen Dank im Voraus! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-05-2017 02
durchgeführt von Selvi (Administrator) auf SELVI-PC (05-05-2017 18:33:15)
Gestartet von C:\Users\Selvi\Desktop
Geladene Profile: Selvi (Verfügbare Profile: Selvi)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-05] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1566200 2016-03-01] (FileOpen Systems Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-09] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-31] (COMODO)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2015-01-26]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 128.176.0.28 128.176.0.30
Tcpip\..\Interfaces\{daa1c4ef-0097-428d-8227-ae1d84ec2e63}: [DhcpNameServer] 128.176.0.28 128.176.0.30
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.de/
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-453909624-3209935802-3352585122-1001 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=7291_33220005005_4.29.402047.207_u_ds_sp&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vwrlke5b.default
FF ProfilePath: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default [2017-05-05]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Ecosia
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Web Search
FF Homepage: Mozilla\Firefox\Profiles\vwrlke5b.default -> hxxps://www.ecosia.org/
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-10-14]
FF Extension: (Adblock Plus) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-29]
FF Extension: (Shield Recipe Client) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\features\{d08a8d2b-d70c-47c1-869d-3f9a2c4c550c}\shield-recipe-client@mozilla.org.xpi [2017-05-03]
FF SearchPlugin: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\searchplugins\AdTrustMediaGeekbuddy.xml [2016-10-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-11] (Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294920 2017-04-03] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [380920 2016-03-01] (FileOpen Systems Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-31] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-03] (Maxthon)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-07] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-07] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-08-07] (Windows (R) Win 7 DDK provider)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-06-08] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-02-02] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-06-08] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-05 18:33 - 2017-05-05 18:34 - 00026477 _____ C:\Users\Selvi\Desktop\FRST.txt
2017-05-05 18:32 - 2017-05-05 18:33 - 00000000 ____D C:\FRST
2017-05-05 18:32 - 2017-05-05 18:32 - 02429440 _____ (Farbar) C:\Users\Selvi\Desktop\FRST64.exe
2017-05-04 15:47 - 2017-05-04 15:47 - 00008167 _____ C:\Users\Selvi\Desktop\Klageerwiderung Anwaltsklausur VerwR.pdf
2017-05-04 15:46 - 2017-05-04 15:46 - 00106130 _____ C:\Users\Selvi\Desktop\RA Schriftsatz Beigeladener.pdf
2017-05-04 11:12 - 2017-05-04 11:12 - 00027574 _____ C:\Users\Selvi\Desktop\Mail Luther CleverFit.pdf
2017-05-03 15:42 - 2017-05-03 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-01 15:20 - 2017-05-01 15:20 - 00143388 _____ C:\Users\Selvi\Desktop\JA 2012, 769 - beck-online.pdf
2017-04-25 17:37 - 2017-04-26 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-21 11:22 - 2017-04-21 11:22 - 00057144 _____ C:\Users\Selvi\Desktop\BGH JuS 2015, 363.pdf
2017-04-20 15:18 - 2017-04-20 15:18 - 00142895 _____ C:\Users\Selvi\Desktop\JA 2011, 49 - beck-online.pdf
2017-04-12 17:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 17:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 17:18 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 17:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 17:18 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 17:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 17:18 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 17:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 17:17 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:17 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:17 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:17 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:17 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:17 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 17:17 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 17:17 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:17 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:17 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 17:17 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 17:17 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:17 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:17 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:17 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:17 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:17 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:17 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:17 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:17 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:17 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 17:17 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:17 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:17 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:16 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:16 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:16 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:16 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:16 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:16 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:16 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:16 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:16 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:16 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:16 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:16 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:16 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:16 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:16 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:16 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:16 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:15 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:15 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:15 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:15 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:15 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:15 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:15 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:15 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:15 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:15 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:15 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:15 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:15 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:15 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:15 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:15 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 17:15 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:15 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:15 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 17:15 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:15 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 16:59 - 2017-04-12 16:59 - 00101716 _____ C:\Users\Selvi\Desktop\Entscheidung-des-Monats-04-2017.pdf
2017-04-12 11:52 - 2017-04-25 17:35 - 00002256 _____ C:\Users\Public\Desktop\COMODO Firewall 10.lnk
2017-04-12 08:31 - 2017-04-23 00:28 - 00230592 _____ (COMODO) C:\WINDOWS\system32\cmdshim64.dll
2017-04-12 08:31 - 2017-04-23 00:26 - 00194752 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdshim32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-05 18:05 - 2016-11-04 19:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-05 17:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 17:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-05 17:22 - 2015-06-06 20:28 - 00000000 ____D C:\Users\Selvi\AppData\Local\Packages
2017-05-05 17:19 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-05 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-05 17:18 - 2016-12-02 19:05 - 00000000 ____D C:\Users\Selvi\AppData\LocalLow\Mozilla
2017-05-05 17:15 - 2015-06-17 21:52 - 00000000 ____D C:\ProgramData\Kodak
2017-05-05 17:13 - 2016-11-04 19:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-05 17:13 - 2015-09-09 23:33 - 00000000 __SHD C:\Users\Selvi\IntelGraphicsProfiles
2017-05-04 15:58 - 2017-03-01 17:08 - 00011387 _____ C:\Users\Selvi\Desktop\Lernplan.xlsx
2017-05-04 15:58 - 2015-11-05 23:37 - 00000000 ____D C:\Users\Selvi\Documents\Outlook-Dateien
2017-05-04 15:47 - 2015-07-20 17:31 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Nitro PDF
2017-05-04 12:11 - 2017-03-28 08:48 - 00000000 ____D C:\Users\Selvi\Desktop\Unterlagen Daniel
2017-05-04 12:06 - 2015-08-14 22:22 - 00000000 ____D C:\Users\Selvi\AppData\Local\Spotify
2017-05-04 12:06 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Spotify
2017-05-03 15:42 - 2015-06-11 11:05 - 00000000 ___RD C:\Users\Selvi\Dropbox
2017-05-03 15:42 - 2015-06-11 11:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-28 17:30 - 2016-07-17 00:51 - 01390030 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-28 17:30 - 2016-07-17 00:51 - 00356602 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-28 17:30 - 2015-09-09 21:12 - 02948740 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-28 17:27 - 2016-11-04 20:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-28 17:26 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-26 22:05 - 2015-06-07 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-26 22:04 - 2015-08-10 15:27 - 00007926 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-04-23 00:31 - 2015-04-01 18:48 - 00051808 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00942792 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00733456 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2017-04-23 00:28 - 2015-04-01 18:47 - 00457408 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2017-04-23 00:26 - 2015-04-01 18:45 - 00363200 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2017-04-22 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-21 18:12 - 2015-08-18 12:22 - 00000000 ____D C:\Users\Selvi\Desktop\Ref
2017-04-19 11:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-19 09:01 - 2015-01-26 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-18 10:40 - 2016-12-18 19:35 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 10:39 - 2015-09-09 23:36 - 00002433 _____ C:\Users\Selvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 10:39 - 2015-06-06 20:34 - 00000000 __RDO C:\Users\Selvi\OneDrive
2017-04-13 22:12 - 2015-06-17 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-13 22:11 - 2016-11-04 20:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-13 09:18 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-04-13 09:16 - 2015-06-07 03:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 09:15 - 2016-11-04 19:41 - 00000000 ____D C:\Users\Selvi
2017-04-13 09:00 - 2016-11-04 19:31 - 00355608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 08:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 23:16 - 2015-06-08 00:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 23:11 - 2015-06-08 00:05 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 08:36 - 2016-11-04 20:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-04-12 08:34 - 2015-06-06 21:29 - 00000000 ____D C:\Users\Selvi\AppData\Local\ClassicShell
2017-04-12 08:31 - 2016-11-04 20:08 - 00003140 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-04-08 10:11 - 2015-08-06 21:14 - 00532136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-18 19:45 - 2016-10-13 15:55 - 0285510 _____ () C:\Program Files (x86)\lizenzvertrag.pdf
2016-04-14 10:33 - 2016-04-14 10:34 - 0016084 _____ () C:\Users\Selvi\AppData\Local\clear.log
2016-04-14 11:41 - 2016-04-14 11:41 - 0000236 _____ () C:\Users\Selvi\AppData\Local\LaunchHomeCenter.log
2015-12-18 19:58 - 2015-12-18 19:58 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{A0359E3F-99E8-48D5-A237-82810DA8B900}
2015-12-18 20:04 - 2015-12-18 20:04 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{BB34A00B-2C5B-4C00-9298-0DE81EC8170A}
2015-12-21 18:49 - 2015-12-21 18:49 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{EF70DC41-1585-486E-BFB5-C6A6B2553D3B}
2016-11-04 19:36 - 2016-11-04 19:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2017-03-31 16:42 - 2017-03-31 16:42 - 3866608 _____ (COMODO) C:\Users\Selvi\AppData\Local\Temp\ise_installer.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:08
==================== Ende von FRST.txt ============================
Geändert von Lisa.Ivles (05.05.2017 um 18:06 Uhr) |
|
05.05.2017, 19:46
| #2 |
| /// TB-Ausbilder   | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
05.05.2017, 21:59
| #3 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Logdatei von TDSS-Killer Teil 1
__________________Code:
ATTFilter 22:54:03.0575 0x22d8 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
22:54:03.0575 0x22d8 UEFI system
22:54:11.0232 0x22d8 ============================================================
22:54:11.0232 0x22d8 Current date / time: 2017/05/05 22:54:11.0232
22:54:11.0232 0x22d8 SystemInfo:
22:54:11.0232 0x22d8
22:54:11.0233 0x22d8 OS Version: 10.0.14393 ServicePack: 0.0
22:54:11.0233 0x22d8 Product type: Workstation
22:54:11.0233 0x22d8 ComputerName: SELVI-PC
22:54:11.0233 0x22d8 UserName: Selvi
22:54:11.0233 0x22d8 Windows directory: C:\WINDOWS
22:54:11.0233 0x22d8 System windows directory: C:\WINDOWS
22:54:11.0233 0x22d8 Running under WOW64
22:54:11.0233 0x22d8 Processor architecture: Intel x64
22:54:11.0233 0x22d8 Number of processors: 4
22:54:11.0233 0x22d8 Page size: 0x1000
22:54:11.0233 0x22d8 Boot type: Normal boot
22:54:11.0233 0x22d8 CodeIntegrityOptions = 0x00000001
22:54:11.0233 0x22d8 ============================================================
22:54:11.0394 0x22d8 KLMD registered as C:\WINDOWS\system32\drivers\95193588.sys
22:54:11.0394 0x22d8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
22:54:12.0241 0x22d8 System UUID: {C90A3188-992D-44C3-33EA-9942AD590CD1}
22:54:12.0964 0x22d8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:54:12.0975 0x22d8 ============================================================
22:54:12.0975 0x22d8 \Device\Harddisk0\DR0:
22:54:12.0975 0x22d8 GPT partitions:
22:54:12.0976 0x22d8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FDEFB2D2-28D0-422B-BFE8-13D0F83A8C0A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
22:54:12.0976 0x22d8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {58F44C02-73C3-4126-BCEC-0D8E610B0277}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
22:54:12.0977 0x22d8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {64879852-16F6-4CFA-AE5B-F2E6ED1A0B9F}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
22:54:12.0977 0x22d8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C8D9784D-B1AA-4AC6-84BB-0605F6E93D13}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
22:54:12.0977 0x22d8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {309B2710-BA7D-4969-8C00-47BD4C7E8A03}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x35082000
22:54:12.0977 0x22d8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {169A9C30-7DD1-411D-9C15-50FEC5572A18}, Name: Basic data partition, StartLBA 0x3552C800, BlocksNum 0x3200000
22:54:12.0977 0x22d8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EDC4F622-2BC6-4E28-8C42-1B3883C54335}, Name: Basic data partition, StartLBA 0x3872C800, BlocksNum 0x1C59800
22:54:12.0977 0x22d8 MBR partitions:
22:54:12.0977 0x22d8 ============================================================
22:54:12.0979 0x22d8 C: <-> \Device\Harddisk0\DR0\Partition5
22:54:12.0980 0x22d8 D: <-> \Device\Harddisk0\DR0\Partition6
22:54:12.0980 0x22d8 ============================================================
22:54:12.0980 0x22d8 Initialize success
22:54:12.0980 0x22d8 ============================================================
22:54:39.0532 0x31e4 ============================================================
22:54:39.0532 0x31e4 Scan started
22:54:39.0532 0x31e4 Mode: Manual;
22:54:39.0532 0x31e4 ============================================================
22:54:39.0532 0x31e4 KSN ping started
22:54:39.0748 0x31e4 KSN ping finished: true
22:54:41.0109 0x31e4 ================ Scan system memory ========================
22:54:41.0109 0x31e4 System memory - ok
22:54:41.0109 0x31e4 ================ Scan services =============================
22:54:41.0225 0x31e4 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
22:54:41.0240 0x31e4 1394ohci - ok
22:54:41.0240 0x31e4 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
22:54:41.0256 0x31e4 3ware - ok
22:54:41.0277 0x31e4 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
22:54:41.0293 0x31e4 ACPI - ok
22:54:41.0309 0x31e4 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
22:54:41.0309 0x31e4 AcpiDev - ok
22:54:41.0309 0x31e4 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
22:54:41.0309 0x31e4 acpiex - ok
22:54:41.0324 0x31e4 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
22:54:41.0324 0x31e4 acpipagr - ok
22:54:41.0324 0x31e4 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
22:54:41.0324 0x31e4 AcpiPmi - ok
22:54:41.0340 0x31e4 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
22:54:41.0340 0x31e4 acpitime - ok
22:54:41.0356 0x31e4 [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
22:54:41.0356 0x31e4 ACPIVPC - ok
22:54:41.0378 0x31e4 [ 671133C0AC2D8B40B7574F69059653E9, A36CC49A0C829A5C4D6CF273791071213F5FFB57DC7022D523CFB731374FF63C ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:54:41.0378 0x31e4 AdobeARMservice - ok
22:54:41.0473 0x31e4 [ 16D11D2CA3F2078F553E0C3A70A4F050, 51EEA7EFBE122D3FEB2F8487F5A45166A0C4963314B28840C3C404479B4E1849 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:54:41.0541 0x31e4 AdobeFlashPlayerUpdateSvc - ok
22:54:41.0578 0x31e4 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
22:54:41.0594 0x31e4 ADP80XX - ok
22:54:41.0625 0x31e4 [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD C:\WINDOWS\system32\drivers\afd.sys
22:54:41.0641 0x31e4 AFD - ok
22:54:41.0656 0x31e4 [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:54:41.0656 0x31e4 ahcache - ok
22:54:41.0674 0x31e4 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll
22:54:41.0676 0x31e4 AJRouter - ok
22:54:41.0678 0x31e4 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe
22:54:41.0678 0x31e4 ALG - ok
22:54:41.0678 0x31e4 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
22:54:41.0694 0x31e4 AmdK8 - ok
22:54:41.0694 0x31e4 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
22:54:41.0694 0x31e4 AmdPPM - ok
22:54:41.0709 0x31e4 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
22:54:41.0709 0x31e4 amdsata - ok
22:54:41.0709 0x31e4 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
22:54:41.0725 0x31e4 amdsbs - ok
22:54:41.0725 0x31e4 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
22:54:41.0725 0x31e4 amdxata - ok
22:54:41.0741 0x31e4 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys
22:54:41.0741 0x31e4 AppID - ok
22:54:41.0741 0x31e4 [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
22:54:41.0756 0x31e4 AppIDSvc - ok
22:54:41.0756 0x31e4 [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo C:\WINDOWS\System32\appinfo.dll
22:54:41.0756 0x31e4 Appinfo - ok
22:54:41.0756 0x31e4 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
22:54:41.0773 0x31e4 applockerfltr - ok
22:54:41.0787 0x31e4 [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
22:54:41.0802 0x31e4 AppReadiness - ok
22:54:41.0878 0x31e4 [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
22:54:41.0925 0x31e4 AppXSvc - ok
22:54:41.0925 0x31e4 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
22:54:41.0941 0x31e4 arcsas - ok
22:54:41.0941 0x31e4 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
22:54:41.0941 0x31e4 AsyncMac - ok
22:54:41.0941 0x31e4 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
22:54:41.0956 0x31e4 atapi - ok
22:54:41.0956 0x31e4 [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
22:54:41.0976 0x31e4 AudioEndpointBuilder - ok
22:54:41.0994 0x31e4 [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
22:54:42.0010 0x31e4 Audiosrv - ok
22:54:42.0025 0x31e4 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
22:54:42.0025 0x31e4 AxInstSV - ok
22:54:42.0041 0x31e4 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
22:54:42.0057 0x31e4 b06bdrv - ok
22:54:42.0057 0x31e4 [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
22:54:42.0057 0x31e4 BasicDisplay - ok
22:54:42.0057 0x31e4 [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
22:54:42.0057 0x31e4 BasicRender - ok
22:54:42.0077 0x31e4 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
22:54:42.0078 0x31e4 bcmfn - ok
22:54:42.0078 0x31e4 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
22:54:42.0078 0x31e4 bcmfn2 - ok
22:54:42.0094 0x31e4 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
22:54:42.0110 0x31e4 BDESVC - ok
22:54:42.0110 0x31e4 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:54:42.0110 0x31e4 Beep - ok
22:54:42.0141 0x31e4 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll
22:54:42.0141 0x31e4 BFE - ok
22:54:42.0179 0x31e4 [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll
22:54:42.0210 0x31e4 BITS - ok
22:54:42.0225 0x31e4 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
22:54:42.0225 0x31e4 bowser - ok
22:54:42.0241 0x31e4 [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
22:54:42.0257 0x31e4 BrokerInfrastructure - ok
22:54:42.0278 0x31e4 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll
22:54:42.0278 0x31e4 Browser - ok
22:54:42.0294 0x31e4 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
22:54:42.0294 0x31e4 BthAvrcpTg - ok
22:54:42.0294 0x31e4 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
22:54:42.0341 0x31e4 BthEnum - ok
22:54:42.0341 0x31e4 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
22:54:42.0356 0x31e4 BthHFEnum - ok
22:54:42.0356 0x31e4 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
22:54:42.0356 0x31e4 bthhfhid - ok
22:54:42.0378 0x31e4 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
22:54:42.0394 0x31e4 BthHFSrv - ok
22:54:42.0410 0x31e4 [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
22:54:42.0425 0x31e4 BthLEEnum - ok
22:54:42.0425 0x31e4 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
22:54:42.0425 0x31e4 BTHMODEM - ok
22:54:42.0441 0x31e4 [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
22:54:42.0456 0x31e4 BthPan - ok
22:54:42.0494 0x31e4 [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
22:54:42.0510 0x31e4 BTHPORT - ok
22:54:42.0510 0x31e4 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll
22:54:42.0510 0x31e4 bthserv - ok
22:54:42.0525 0x31e4 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
22:54:42.0541 0x31e4 BTHUSB - ok
22:54:42.0541 0x31e4 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
22:54:42.0541 0x31e4 buttonconverter - ok
22:54:42.0541 0x31e4 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
22:54:42.0557 0x31e4 CapImg - ok
22:54:42.0574 0x31e4 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
22:54:42.0576 0x31e4 cdfs - ok
22:54:42.0594 0x31e4 [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
22:54:42.0610 0x31e4 CDPSvc - ok
22:54:42.0626 0x31e4 [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
22:54:42.0626 0x31e4 CDPUserSvc - ok
22:54:42.0657 0x31e4 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
22:54:42.0657 0x31e4 cdrom - ok
22:54:42.0673 0x31e4 [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
22:54:42.0678 0x31e4 CertPropSvc - ok
22:54:42.0679 0x31e4 [ 0FB3259B15FFAE378630087CC970A558, 82CF4F2126302E93FA2BBD471E14FF83068101145B09FD4D2649F92BFCCF093C ] CFRMD C:\WINDOWS\system32\DRIVERS\CFRMD.sys
22:54:42.0679 0x31e4 CFRMD - ok
22:54:42.0679 0x31e4 [ 4ECA59628D074CF45633EC7A3D7954D3, 054B4AE94920A06ECF8C65A66DC949B65665679B15733D021120159F6E2460DA ] cfwids C:\WINDOWS\system32\drivers\cfwids.sys
22:54:42.0679 0x31e4 cfwids - ok
22:54:42.0742 0x31e4 [ A8CAD660AAC84FC22FDB1C1C8CA13ED3, C0923A488F7B22AB4F62B592CECD066FC95F8AE10783959F1B46D79F86933F43 ] ChromodoUpdater C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
22:54:42.0780 0x31e4 ChromodoUpdater - ok
22:54:42.0795 0x31e4 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
22:54:42.0811 0x31e4 cht4iscsi - ok
22:54:42.0880 0x31e4 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
22:54:42.0911 0x31e4 cht4vbd - ok
22:54:42.0927 0x31e4 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
22:54:42.0927 0x31e4 circlass - ok
22:54:42.0943 0x31e4 [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
22:54:42.0978 0x31e4 CLFS - ok
22:54:43.0080 0x31e4 [ 6BB60E02F8017B55EF9B78E8802A0389, D854B240DB78558A8FD9F2A2D085224AB50B7C66163B03C55E0BF3EE2E16D4A1 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:54:43.0158 0x31e4 ClickToRunSvc - ok
22:54:43.0180 0x31e4 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
22:54:43.0196 0x31e4 ClipSVC - ok
22:54:43.0212 0x31e4 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys
22:54:43.0212 0x31e4 clreg - ok
22:54:43.0227 0x31e4 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
22:54:43.0227 0x31e4 CmBatt - ok
22:54:43.0525 0x31e4 [ D89A5F783930C19A00716C18F01EA3DC, 81AC9EDA7827516F868B2F3855AA91DEBF0F48528EF573A2C21987829F0F9ED9 ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
22:54:43.0771 0x31e4 CmdAgent - ok
22:54:43.0804 0x31e4 [ 75FAC0C7E718CB9F9E18FC67FBCEA865, A879445088A3A9E1D43B546BCFE74FB0626012CDC31ECBFCFC0C421A09342376 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
22:54:43.0806 0x31e4 cmderd - ok
22:54:43.0823 0x31e4 [ 72F02505AAC0BA64789D7C0F1E748FF2, 7ACCDDA5C43065859275B6A7BE7EBC2258FDD46DA84467EA3D1B4776024527AB ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
22:54:43.0839 0x31e4 cmdGuard - ok
22:54:43.0839 0x31e4 [ AB85A7942E1F156F42FFE9C173DD5408, E627AF7F7EEEFC560399C7847A843470D84161FC547767B0278A264DF5891736 ] cmdhlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
22:54:43.0839 0x31e4 cmdhlp - ok
22:54:43.0923 0x31e4 [ 7163FE1A6AA75B34E5E032D522D4B8F3, 18D0DFF879284490094B8E65838D59EF6FAF5EBB69F63E00AD458E8071DF5C4B ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
22:54:44.0039 0x31e4 cmdvirth - ok
22:54:44.0070 0x31e4 [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
22:54:44.0104 0x31e4 CNG - ok
22:54:44.0108 0x31e4 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
22:54:44.0108 0x31e4 cnghwassist - ok
22:54:44.0139 0x31e4 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
22:54:44.0155 0x31e4 CompositeBus - ok
22:54:44.0155 0x31e4 COMSysApp - ok
22:54:44.0155 0x31e4 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
22:54:44.0155 0x31e4 condrv - ok
22:54:44.0186 0x31e4 [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
22:54:44.0203 0x31e4 CoreMessagingRegistrar - ok
22:54:44.0290 0x31e4 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
22:54:44.0355 0x31e4 cphs - ok
22:54:44.0386 0x31e4 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
22:54:44.0386 0x31e4 CryptSvc - ok
22:54:44.0386 0x31e4 [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam C:\WINDOWS\system32\drivers\dam.sys
22:54:44.0408 0x31e4 dam - ok
22:54:44.0439 0x31e4 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:54:44.0439 0x31e4 dbupdate - ok
22:54:44.0455 0x31e4 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
22:54:44.0455 0x31e4 dbupdatem - ok
22:54:44.0455 0x31e4 dbx - ok
22:54:44.0471 0x31e4 [ B8F34CB79DF33C1A613709D99F4BFE77, 686E4E071EA43C122B0BE41C471220DE9BB31A3D5FEB30079C058FCA02FF3A59 ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe
22:54:44.0471 0x31e4 DbxSvc - ok
22:54:44.0508 0x31e4 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:54:44.0524 0x31e4 DcomLaunch - ok
22:54:44.0539 0x31e4 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
22:54:44.0539 0x31e4 DcpSvc - ok
22:54:44.0555 0x31e4 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
22:54:44.0571 0x31e4 defragsvc - ok
22:54:44.0604 0x31e4 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:54:44.0608 0x31e4 DeviceAssociationService - ok
22:54:44.0624 0x31e4 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
22:54:44.0640 0x31e4 DeviceInstall - ok
22:54:44.0640 0x31e4 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
22:54:44.0640 0x31e4 DevQueryBroker - ok
22:54:44.0655 0x31e4 [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
22:54:44.0655 0x31e4 Dfsc - ok
22:54:44.0655 0x31e4 [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:54:44.0708 0x31e4 dg_ssudbus - ok
22:54:44.0739 0x31e4 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
22:54:44.0755 0x31e4 Dhcp - ok
22:54:44.0755 0x31e4 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
22:54:44.0771 0x31e4 diagnosticshub.standardcollector.service - ok
22:54:44.0824 0x31e4 [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
22:54:44.0856 0x31e4 DiagTrack - ok
22:54:44.0871 0x31e4 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys
22:54:44.0871 0x31e4 disk - ok
22:54:44.0887 0x31e4 [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
22:54:44.0906 0x31e4 DmEnrollmentSvc - ok
22:54:44.0909 0x31e4 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
22:54:44.0909 0x31e4 dmvsc - ok
22:54:44.0909 0x31e4 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
22:54:44.0909 0x31e4 dmwappushservice - ok
22:54:44.0925 0x31e4 [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:54:44.0925 0x31e4 Dnscache - ok
22:54:44.0956 0x31e4 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll
22:54:44.0956 0x31e4 dot3svc - ok
22:54:44.0972 0x31e4 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll
22:54:44.0972 0x31e4 DPS - ok
22:54:44.0972 0x31e4 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
22:54:44.0972 0x31e4 drmkaud - ok
22:54:44.0987 0x31e4 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
22:54:44.0987 0x31e4 DsmSvc - ok
22:54:44.0987 0x31e4 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
22:54:45.0007 0x31e4 DsSvc - ok
22:54:45.0071 0x31e4 [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
22:54:45.0109 0x31e4 DXGKrnl - ok
22:54:45.0125 0x31e4 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:54:45.0125 0x31e4 EapHost - ok
22:54:45.0225 0x31e4 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
22:54:45.0310 0x31e4 ebdrv - ok
22:54:45.0341 0x31e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe
22:54:45.0341 0x31e4 EFS - ok
22:54:45.0341 0x31e4 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
22:54:45.0341 0x31e4 EhStorClass - ok
22:54:45.0357 0x31e4 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:54:45.0372 0x31e4 EhStorTcgDrv - ok
22:54:45.0388 0x31e4 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
22:54:45.0388 0x31e4 embeddedmode - ok
22:54:45.0409 0x31e4 [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
22:54:45.0409 0x31e4 EntAppSvc - ok
22:54:45.0425 0x31e4 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
22:54:45.0425 0x31e4 ErrDev - ok
22:54:45.0441 0x31e4 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll
22:54:45.0456 0x31e4 EventSystem - ok
22:54:45.0456 0x31e4 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys
22:54:45.0472 0x31e4 exfat - ok
22:54:45.0488 0x31e4 [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
22:54:45.0488 0x31e4 fastfat - ok
22:54:45.0510 0x31e4 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe
22:54:45.0526 0x31e4 Fax - ok
22:54:45.0526 0x31e4 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
22:54:45.0526 0x31e4 fdc - ok
22:54:45.0541 0x31e4 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
22:54:45.0541 0x31e4 fdPHost - ok
22:54:45.0541 0x31e4 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll
22:54:45.0541 0x31e4 FDResPub - ok
22:54:45.0557 0x31e4 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
22:54:45.0557 0x31e4 fhsvc - ok
22:54:45.0557 0x31e4 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
22:54:45.0557 0x31e4 FileCrypt - ok
22:54:45.0573 0x31e4 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
22:54:45.0573 0x31e4 FileInfo - ok
22:54:45.0610 0x31e4 [ BD16933DCEACBE167413966EA90F3240, E74307D8E1292B0517077E2518A5DA6E5C44464CBAF71227D27B5918E9ADE03D ] FileOpenManager C:\Program Files\FileOpen\Services\FileOpenManager64.exe
22:54:45.0610 0x31e4 FileOpenManager - ok
22:54:45.0610 0x31e4 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
22:54:45.0626 0x31e4 Filetrace - ok
22:54:45.0626 0x31e4 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
22:54:45.0626 0x31e4 flpydisk - ok
22:54:45.0642 0x31e4 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:54:45.0642 0x31e4 FltMgr - ok
22:54:45.0688 0x31e4 [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache C:\WINDOWS\system32\FntCache.dll
22:54:45.0726 0x31e4 FontCache - ok
22:54:45.0741 0x31e4 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:54:45.0741 0x31e4 FontCache3.0.0.0 - ok
22:54:45.0788 0x31e4 [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer C:\WINDOWS\system32\FrameServer.dll
22:54:45.0805 0x31e4 FrameServer - ok
22:54:45.0809 0x31e4 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
22:54:45.0809 0x31e4 FsDepends - ok
22:54:45.0809 0x31e4 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:54:45.0809 0x31e4 Fs_Rec - ok
22:54:45.0841 0x31e4 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:54:45.0872 0x31e4 fvevol - ok
22:54:45.0872 0x31e4 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
22:54:45.0872 0x31e4 gencounter - ok
22:54:45.0888 0x31e4 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
22:54:45.0888 0x31e4 genericusbfn - ok
22:54:45.0910 0x31e4 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:54:45.0910 0x31e4 GPIOClx0101 - ok
22:54:45.0941 0x31e4 [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc C:\WINDOWS\System32\gpsvc.dll
22:54:45.0957 0x31e4 gpsvc - ok
22:54:45.0972 0x31e4 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
22:54:45.0972 0x31e4 GpuEnergyDrv - ok
22:54:45.0972 0x31e4 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
22:54:45.0972 0x31e4 HDAudBus - ok
22:54:45.0988 0x31e4 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
22:54:45.0988 0x31e4 HidBatt - ok
22:54:45.0988 0x31e4 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
22:54:45.0988 0x31e4 HidBth - ok
22:54:46.0009 0x31e4 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
22:54:46.0009 0x31e4 hidi2c - ok
22:54:46.0009 0x31e4 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
22:54:46.0025 0x31e4 hidinterrupt - ok
22:54:46.0025 0x31e4 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
22:54:46.0025 0x31e4 HidIr - ok
22:54:46.0025 0x31e4 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll
22:54:46.0041 0x31e4 hidserv - ok
22:54:46.0041 0x31e4 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
22:54:46.0041 0x31e4 HidUsb - ok
22:54:46.0056 0x31e4 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:54:46.0056 0x31e4 HomeGroupListener - ok
22:54:46.0087 0x31e4 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:54:46.0104 0x31e4 HomeGroupProvider - ok
22:54:46.0125 0x31e4 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:54:46.0125 0x31e4 HomeNetSvc - ok
22:54:46.0140 0x31e4 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
22:54:46.0140 0x31e4 HpSAMD - ok
22:54:46.0187 0x31e4 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
22:54:46.0209 0x31e4 HTTP - ok
22:54:46.0209 0x31e4 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
22:54:46.0209 0x31e4 HvHost - ok
22:54:46.0225 0x31e4 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
22:54:46.0241 0x31e4 hvservice - ok
22:54:46.0241 0x31e4 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
22:54:46.0241 0x31e4 hwpolicy - ok
22:54:46.0241 0x31e4 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
22:54:46.0241 0x31e4 hyperkbd - ok
22:54:46.0256 0x31e4 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
22:54:46.0256 0x31e4 i8042prt - ok
22:54:46.0256 0x31e4 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
22:54:46.0272 0x31e4 iagpio - ok
22:54:46.0272 0x31e4 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
22:54:46.0272 0x31e4 iai2c - ok
22:54:46.0288 0x31e4 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
22:54:46.0305 0x31e4 iaLPSS2i_GPIO2 - ok
22:54:46.0309 0x31e4 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
22:54:46.0309 0x31e4 iaLPSS2i_I2C - ok
22:54:46.0309 0x31e4 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
22:54:46.0309 0x31e4 iaLPSSi_GPIO - ok
22:54:46.0325 0x31e4 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
22:54:46.0325 0x31e4 iaLPSSi_I2C - ok
22:54:46.0341 0x31e4 [ 60F6526DB3297C7324957EF3143F88FF, F0D4AF7E66CD42793C5137B4F5E66AFCE13253C3FF8D397921EA23CD04D49763 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
22:54:46.0356 0x31e4 iaStorA - ok
22:54:46.0388 0x31e4 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
22:54:46.0409 0x31e4 iaStorAV - ok
22:54:46.0425 0x31e4 [ 9D7AFC77C928460336642D6EFDB5BDEA, 9CF555B94A21D7A518B9228B6BE86679200FEC4219156D7D2183CDC906BA4548 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:54:46.0425 0x31e4 IAStorDataMgrSvc - ok
22:54:46.0441 0x31e4 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
22:54:46.0441 0x31e4 iaStorV - ok
22:54:46.0472 0x31e4 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
22:54:46.0472 0x31e4 ibbus - ok
22:54:46.0472 0x31e4 ibtsiva - ok
22:54:46.0488 0x31e4 [ F8EFFD8ABDC134455667BD430FB74864, E573654C070B824E14965E466CE57D3E60C7FD71ADEB867700803B6BED916983 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
22:54:46.0488 0x31e4 ibtusb - ok
22:54:46.0509 0x31e4 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll
22:54:46.0525 0x31e4 icssvc - ok
22:54:46.0725 0x31e4 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
22:54:46.0940 0x31e4 igfx - ok
22:54:46.0956 0x31e4 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
22:54:46.0972 0x31e4 igfxCUIService2.0.0.0 - ok
22:54:46.0987 0x31e4 [ E71AC94964ED675B3ED0727059B7F97B, 5468B5E9B75B10EA0BFBD81827FFC9CABFC69A4065CC5A5792DBC289D4DA27EE ] ikbevent C:\WINDOWS\system32\DRIVERS\ikbevent.sys
22:54:46.0987 0x31e4 ikbevent - ok
22:54:47.0031 0x31e4 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll
22:54:47.0047 0x31e4 IKEEXT - ok
22:54:47.0047 0x31e4 [ 2FDB67F5B9F4E96B40FDC9D1AA0B686F, B556328D54F886792A89588F3FEFE38F7129E3D7A417CDC012778FA4EF37A8C1 ] imsevent C:\WINDOWS\system32\DRIVERS\imsevent.sys
22:54:47.0047 0x31e4 imsevent - ok
22:54:47.0062 0x31e4 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
22:54:47.0062 0x31e4 IndirectKmd - ok
22:54:47.0062 0x31e4 [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\WINDOWS\System32\Drivers\INETMON.sys
22:54:47.0062 0x31e4 INETMON - ok
22:54:47.0078 0x31e4 [ 1718AED1119A3837AF8183BFDB69B694, D675757B85AC2C51FC22342CF5EDC585A8C081EF8BCEEA1413EC21CAFEC74302 ] inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
22:54:47.0078 0x31e4 inspect - ok
22:54:47.0078 0x31e4 [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
22:54:47.0078 0x31e4 intaud_WaveExtensible - ok
22:54:47.0178 0x31e4 [ 0FDF65E874E5AA5FB188E16E38F88B6A, 0AF931285906269B45C8362EB93D3B5AD2D39DEA99C1E33A1E0DCF212CADBD65 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:54:47.0278 0x31e4 IntcAzAudAddService - ok
22:54:47.0293 0x31e4 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
22:54:47.0331 0x31e4 IntcDAud - ok
22:54:47.0347 0x31e4 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:54:47.0362 0x31e4 Intel(R) Capability Licensing Service Interface - ok
22:54:47.0378 0x31e4 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:54:47.0794 0x31e4 Intel(R) Capability Licensing Service TCP IP Interface - ok
22:54:47.0816 0x31e4 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:54:47.0816 0x31e4 Intel(R) ME Service - ok
22:54:47.0832 0x31e4 [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
22:54:47.0832 0x31e4 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok
22:54:47.0832 0x31e4 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys
22:54:47.0832 0x31e4 intelide - ok
22:54:47.0863 0x31e4 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
22:54:47.0863 0x31e4 intelpep - ok
22:54:47.0863 0x31e4 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
22:54:47.0863 0x31e4 intelppm - ok
22:54:47.0879 0x31e4 [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
22:54:47.0894 0x31e4 iorate - ok
22:54:47.0894 0x31e4 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:54:47.0894 0x31e4 IpFilterDriver - ok
22:54:47.0916 0x31e4 [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
22:54:47.0932 0x31e4 iphlpsvc - ok
22:54:47.0948 0x31e4 [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:54:47.0963 0x31e4 IPMIDRV - ok
22:54:47.0979 0x31e4 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
22:54:47.0979 0x31e4 IPNAT - ok
22:54:47.0994 0x31e4 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys
22:54:47.0994 0x31e4 irda - ok
22:54:47.0994 0x31e4 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
22:54:47.0994 0x31e4 IRENUM - ok
22:54:48.0014 0x31e4 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll
22:54:48.0016 0x31e4 irmon - ok
22:54:48.0016 0x31e4 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
22:54:48.0016 0x31e4 isapnp - ok
22:54:48.0032 0x31e4 [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
22:54:48.0047 0x31e4 iScsiPrt - ok
22:54:48.0063 0x31e4 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
22:54:48.0063 0x31e4 ISCT - ok
22:54:48.0094 0x31e4 [ 2A676B190889ACEDF3AA8D64C269F8AF, 7830536B86BC4233AD4EDD30B6CDEFDCA3969BD53B970BAA6ADCE9C3B88B8593 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
22:54:48.0094 0x31e4 ISCTAgent - ok
22:54:48.0094 0x31e4 [ D247D5C0F8747B52F6AFC7E6E0F3DCCD, 4F0D159DCC0086A64278C0E345A7D50A9F6843EDA1C6AE1F8D031692B3775344 ] isedrv C:\WINDOWS\system32\drivers\isedrv.sys
22:54:48.0094 0x31e4 isedrv - ok
22:54:48.0116 0x31e4 [ B452921B85EEF6FD43C25DE373FF5C48, 6C8F95AF23BC690D1DC43B0FC40D3B8CB48A86C3262DB6DBFEA559FBE69D16EA ] isesrv C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
22:54:48.0116 0x31e4 isesrv - ok
22:54:48.0116 0x31e4 [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
22:54:48.0116 0x31e4 iwdbus - ok
22:54:48.0132 0x31e4 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:54:48.0132 0x31e4 jhi_service - ok
22:54:48.0132 0x31e4 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
22:54:48.0132 0x31e4 kbdclass - ok
22:54:48.0147 0x31e4 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
22:54:48.0163 0x31e4 kbdhid - ok
22:54:48.0163 0x31e4 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
22:54:48.0178 0x31e4 kdnic - ok
22:54:48.0178 0x31e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe
22:54:48.0178 0x31e4 KeyIso - ok
22:54:48.0216 0x31e4 [ 00060003E6161944A9963FA9F24102BC, 9FB85A6542F8B17504A40798727266C5F618B09D74963747F06EAF80AE13ECDE ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
22:54:48.0216 0x31e4 Kodak AiO Network Discovery Service - ok
22:54:48.0248 0x31e4 [ 60301F8FDF519FFEC307A686209C33BE, B9A31478707B518967A6200813DCBD4DE03824FBFAB6E35D4FA4DA783FD6305A ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
22:54:48.0263 0x31e4 Kodak AiO Status Monitor Service - ok
22:54:48.0263 0x31e4 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
22:54:48.0279 0x31e4 KSecDD - ok
22:54:48.0294 0x31e4 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:54:48.0312 0x31e4 KSecPkg - ok
22:54:48.0316 0x31e4 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
22:54:48.0316 0x31e4 ksthunk - ok
22:54:48.0316 0x31e4 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
22:54:48.0332 0x31e4 KtmRm - ok
22:54:48.0363 0x31e4 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
22:54:48.0363 0x31e4 LanmanServer - ok
22:54:48.0394 0x31e4 [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:54:48.0394 0x31e4 LanmanWorkstation - ok
22:54:48.0423 0x31e4 [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
22:54:48.0439 0x31e4 Lenovo EasyPlus Hotspot - ok
22:54:48.0470 0x31e4 [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe
22:54:48.0486 0x31e4 Lenovo System Agent Service - ok
22:54:48.0486 0x31e4 [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
22:54:48.0501 0x31e4 LenovoWiFiHotspotSvr - ok
22:54:48.0522 0x31e4 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll
22:54:48.0523 0x31e4 lfsvc - ok
22:54:48.0539 0x31e4 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
22:54:48.0539 0x31e4 LicenseManager - ok
22:54:48.0554 0x31e4 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
22:54:48.0554 0x31e4 lltdio - ok
22:54:48.0554 0x31e4 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
22:54:48.0570 0x31e4 lltdsvc - ok
22:54:48.0586 0x31e4 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
22:54:48.0586 0x31e4 lmhosts - ok
22:54:48.0601 0x31e4 [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:54:48.0601 0x31e4 LMS - ok
22:54:48.0623 0x31e4 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
22:54:48.0639 0x31e4 LSI_SAS - ok
22:54:48.0639 0x31e4 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
22:54:48.0639 0x31e4 LSI_SAS2i - ok
22:54:48.0655 0x31e4 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
22:54:48.0655 0x31e4 LSI_SAS3i - ok
22:54:48.0655 0x31e4 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
22:54:48.0655 0x31e4 LSI_SSS - ok
22:54:48.0686 0x31e4 [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM C:\WINDOWS\System32\lsm.dll
22:54:48.0702 0x31e4 LSM - ok
22:54:48.0702 0x31e4 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
22:54:48.0702 0x31e4 luafv - ok
22:54:48.0719 0x31e4 [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker C:\WINDOWS\System32\moshost.dll
22:54:48.0723 0x31e4 MapsBroker - ok
22:54:48.0771 0x31e4 [ 9A5728733FC3B2BD46A82D39CC49B24E, 1E12D4E539FE2885B8652A2C846FE2DF8C1B049FA54467A830AF70E860E65644 ] MaxthonUpdateSvc C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
22:54:48.0818 0x31e4 MaxthonUpdateSvc - ok
22:54:48.0824 0x31e4 [ B808C49E8456D74AE807FE3E86020D32, 50183732249FCA977CD5AE2BACDA6B2801510B0DE51D08F1BB9896C23C082AC8 ] McAWFwk C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
22:54:48.0840 0x31e4 McAWFwk - ok
22:54:48.0840 0x31e4 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McOobeSv2 C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:54:48.0855 0x31e4 McOobeSv2 - ok
22:54:48.0855 0x31e4 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] mcpltsvc C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:54:48.0871 0x31e4 mcpltsvc - ok
22:54:48.0871 0x31e4 [ 689BD2ED76C79F1FAE953A76DEA6FCD9, 5F739CF7668DCC3EBD607AE05BE78B11AB56778B8F3FE29543922FF6EDBE989D ] McProxy C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:54:48.0886 0x31e4 McProxy - ok
22:54:48.0886 0x31e4 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys
22:54:48.0886 0x31e4 megasas - ok
22:54:48.0902 0x31e4 [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
22:54:48.0902 0x31e4 megasas2i - ok
22:54:48.0924 0x31e4 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys
22:54:48.0940 0x31e4 megasr - ok
22:54:48.0955 0x31e4 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
22:54:48.0955 0x31e4 MEIx64 - ok
22:54:48.0955 0x31e4 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
22:54:48.0955 0x31e4 MessagingService - ok
22:54:48.0986 0x31e4 [ B57322E3BC44A1F0A9C97B68A9EFF495, 2C967B0E965DF834BDC92E3D12E372CB47BA88CB02B0B12FA2AE7B94C2AD80A1 ] mfeaack C:\WINDOWS\system32\drivers\mfeaack.sys
22:54:49.0002 0x31e4 mfeaack - ok
22:54:49.0002 0x31e4 [ 2BD453B97EF1B1DB5AA195A261F926F8, 47582D78B3ADD1D77F98C5D4EC89B1EC1EE7A79677691FAE543DECA2EE5ACF79 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys
22:54:49.0024 0x31e4 mfeavfk - ok
22:54:49.0024 0x31e4 [ 983CA8E34131695D6DE810990CE8FF69, C6BC27000C1EB8638AC1A8E2B8884FC71FAD667E0BB850E305C7DE77EBA5306D ] mfedisk C:\WINDOWS\system32\DRIVERS\mfedisk.sys
22:54:49.0024 0x31e4 mfedisk - ok
22:54:49.0024 0x31e4 [ D1780DF54D9DB0DF6801F8657D5F0A14, 4B695A7165BB11521E602D93E73770D4181E170AA010CE5F91F95031BF4865C9 ] mfeelamk C:\WINDOWS\system32\drivers\mfeelamk.sys
22:54:49.0040 0x31e4 mfeelamk - ok
22:54:49.0055 0x31e4 [ B58B438EE841934F0425AC91560D13F4, 3D6FAFB2E7EB3616E2A4827D713DB95795AFA0D50140F8DDF08C102838776277 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:54:49.0055 0x31e4 mfefire - ok
22:54:49.0102 0x31e4 [ 9F9BC4DBB610F1AD600F619416A6144D, DE957B0CEF45A4DFD5280DFF8EC4D3EDFBE00E1CB920262D2F6B86E19DDAD7C6 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys
22:54:49.0118 0x31e4 mfefirek - ok
22:54:49.0140 0x31e4 [ B98911F49EA2F83A9079315846BE1E53, 2335ED3F166D5B10F2DBECE330C1FE8D50E1DEE4EA7D523AB6AC79E99A26C206 ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys
22:54:49.0156 0x31e4 mfehidk - ok
22:54:49.0171 0x31e4 [ 172F71DAFD8D139CB12D20A2A9986676, 9B2CBCE81C7EE0A150CDC4F68370D0B75E9AE57BDB82A4D1B74F4F9F09329240 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
22:54:49.0171 0x31e4 mfemms - ok
22:54:49.0187 0x31e4 [ E2082E1EF67506041CAD66D905494B43, B577E1D37D16A9FDA9818317D4A8DB0FF49F1099D983F014FFDB697A3FC889F7 ] mfevtp C:\WINDOWS\system32\mfevtps.exe
22:54:49.0187 0x31e4 mfevtp - ok
22:54:49.0224 0x31e4 [ 34CA0FA858BC45FA83247AAD4976CCE7, 676ED2E7EE58D2316F2DC05AB4BD9F9CFE75570E9919D568ACC992B4F9152514 ] mfewfpk C:\WINDOWS\system32\drivers\mfewfpk.sys
22:54:49.0224 0x31e4 mfewfpk - ok
22:54:49.0256 0x31e4 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
22:54:49.0271 0x31e4 mlx4_bus - ok
22:54:49.0287 0x31e4 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
22:54:49.0287 0x31e4 MMCSS - ok
22:54:49.0287 0x31e4 [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem C:\WINDOWS\system32\drivers\modem.sys
22:54:49.0302 0x31e4 Modem - ok
22:54:49.0302 0x31e4 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys
22:54:49.0302 0x31e4 monitor - ok
22:54:49.0319 0x31e4 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
22:54:49.0321 0x31e4 mouclass - ok
22:54:49.0325 0x31e4 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
22:54:49.0325 0x31e4 mouhid - ok
22:54:49.0325 0x31e4 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
22:54:49.0340 0x31e4 mountmgr - ok
22:54:49.0356 0x31e4 [ 4235B16E8C2E277EECB9BFD4579C428E, BCACE6E4D61E5C8A3BA417A361121A5B2F2B3D6E103B005C3F5738D4915B5FF4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:54:49.0403 0x31e4 MozillaMaintenance - ok
22:54:49.0421 0x31e4 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
22:54:49.0423 0x31e4 mpsdrv - ok
22:54:49.0441 0x31e4 [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
22:54:49.0472 0x31e4 MpsSvc - ok
22:54:49.0472 0x31e4 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
22:54:49.0487 0x31e4 MRxDAV - ok
22:54:49.0503 0x31e4 [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:54:49.0525 0x31e4 mrxsmb - ok
22:54:49.0541 0x31e4 [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
22:54:49.0556 0x31e4 mrxsmb10 - ok
22:54:49.0556 0x31e4 [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
22:54:49.0572 0x31e4 mrxsmb20 - ok
22:54:49.0572 0x31e4 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
22:54:49.0572 0x31e4 MsBridge - ok
22:54:49.0588 0x31e4 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe
22:54:49.0588 0x31e4 MSDTC - ok
22:54:49.0588 0x31e4 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
22:54:49.0603 0x31e4 Msfs - ok
22:54:49.0622 0x31e4 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:54:49.0624 0x31e4 msgpiowin32 - ok
22:54:49.0671 0x31e4 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
22:54:49.0671 0x31e4 mshidkmdf - ok
Geändert von Lisa.Ivles (05.05.2017 um 22:10 Uhr) |
|
05.05.2017, 22:01
| #4 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Logdatei von TDSS-Killer Teil 2 Code:
ATTFilter 22:54:49.0671 0x31e4 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
22:54:49.0671 0x31e4 mshidumdf - ok
22:54:49.0671 0x31e4 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
22:54:49.0671 0x31e4 msisadrv - ok
22:54:49.0687 0x31e4 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
22:54:49.0687 0x31e4 MSiSCSI - ok
22:54:49.0687 0x31e4 msiserver - ok
22:54:49.0703 0x31e4 [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
22:54:49.0741 0x31e4 MSKSSRV - ok
22:54:49.0741 0x31e4 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
22:54:49.0741 0x31e4 MsLldp - ok
22:54:49.0741 0x31e4 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
22:54:49.0756 0x31e4 MSPCLOCK - ok
22:54:49.0756 0x31e4 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
22:54:49.0756 0x31e4 MSPQM - ok
22:54:49.0772 0x31e4 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
22:54:49.0772 0x31e4 MsRPC - ok
22:54:49.0788 0x31e4 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
22:54:49.0788 0x31e4 mssmbios - ok
22:54:49.0788 0x31e4 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
22:54:49.0788 0x31e4 MSTEE - ok
22:54:49.0788 0x31e4 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
22:54:49.0788 0x31e4 MTConfig - ok
22:54:49.0829 0x31e4 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
22:54:49.0829 0x31e4 Mup - ok
22:54:49.0829 0x31e4 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
22:54:49.0829 0x31e4 mvumis - ok
22:54:49.0860 0x31e4 [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
22:54:49.0876 0x31e4 NativeWifiP - ok
22:54:49.0891 0x31e4 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
22:54:49.0891 0x31e4 NcaSvc - ok
22:54:49.0907 0x31e4 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll
22:54:49.0907 0x31e4 NcbService - ok
22:54:49.0927 0x31e4 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
22:54:49.0929 0x31e4 NcdAutoSetup - ok
22:54:49.0929 0x31e4 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
22:54:49.0929 0x31e4 ndfltr - ok
22:54:49.0976 0x31e4 [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
22:54:50.0007 0x31e4 NDIS - ok
22:54:50.0007 0x31e4 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
22:54:50.0007 0x31e4 NdisCap - ok
22:54:50.0024 0x31e4 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
22:54:50.0028 0x31e4 NdisImPlatform - ok
22:54:50.0029 0x31e4 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:54:50.0029 0x31e4 NdisTapi - ok
22:54:50.0029 0x31e4 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
22:54:50.0029 0x31e4 Ndisuio - ok
22:54:50.0045 0x31e4 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
22:54:50.0045 0x31e4 NdisVirtualBus - ok
22:54:50.0045 0x31e4 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
22:54:50.0045 0x31e4 NdisWan - ok
22:54:50.0060 0x31e4 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:54:50.0060 0x31e4 ndiswanlegacy - ok
22:54:50.0076 0x31e4 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
22:54:50.0076 0x31e4 ndproxy - ok
22:54:50.0076 0x31e4 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
22:54:50.0076 0x31e4 Ndu - ok
22:54:50.0091 0x31e4 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
22:54:50.0091 0x31e4 NetAdapterCx - ok
22:54:50.0091 0x31e4 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
22:54:50.0091 0x31e4 NetBIOS - ok
22:54:50.0107 0x31e4 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
22:54:50.0107 0x31e4 NetBT - ok
22:54:50.0128 0x31e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\WINDOWS\system32\lsass.exe
22:54:50.0129 0x31e4 Netlogon - ok
22:54:50.0129 0x31e4 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll
22:54:50.0144 0x31e4 Netman - ok
22:54:50.0160 0x31e4 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
22:54:50.0160 0x31e4 netprofm - ok
22:54:50.0176 0x31e4 [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
22:54:50.0191 0x31e4 NetSetupSvc - ok
22:54:50.0207 0x31e4 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:54:50.0207 0x31e4 NetTcpPortSharing - ok
22:54:50.0291 0x31e4 [ 1F91B1E5FD41BDC3DF8AFFB81C8AA277, B8CB13863C1F0C589C008E191A393DF241F3067DD7CADE02B3B7D36B28BBA2ED ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
22:54:50.0361 0x31e4 NETwNb64 - ok
22:54:50.0376 0x31e4 [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
22:54:50.0376 0x31e4 NgcCtnrSvc - ok
22:54:50.0426 0x31e4 [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
22:54:50.0445 0x31e4 NgcSvc - ok
22:54:50.0461 0x31e4 [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
22:54:50.0461 0x31e4 NitroDriverReadSpool9 - ok
22:54:50.0476 0x31e4 [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
22:54:50.0492 0x31e4 NlaSvc - ok
22:54:50.0561 0x31e4 [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
22:54:50.0576 0x31e4 nlsX86cc - ok
22:54:50.0576 0x31e4 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
22:54:50.0576 0x31e4 Npfs - ok
22:54:50.0592 0x31e4 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
22:54:50.0592 0x31e4 npsvctrig - ok
22:54:50.0592 0x31e4 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll
22:54:50.0592 0x31e4 nsi - ok
22:54:50.0592 0x31e4 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
22:54:50.0608 0x31e4 nsiproxy - ok
22:54:50.0677 0x31e4 [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
22:54:50.0730 0x31e4 NTFS - ok
22:54:50.0730 0x31e4 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys
22:54:50.0730 0x31e4 Null - ok
22:54:50.0746 0x31e4 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
22:54:50.0746 0x31e4 nvraid - ok
22:54:50.0761 0x31e4 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
22:54:50.0761 0x31e4 nvstor - ok
22:54:50.0777 0x31e4 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
22:54:50.0792 0x31e4 OneSyncSvc - ok
22:54:50.0829 0x31e4 [ 0282482270F0D0C6E6E2C483B1A35C16, 030E659B4D5DAFFCBE029B2BD94508437EC0B0AFB4EC026EFA586C2C04F023D6 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:54:50.0876 0x31e4 ose - ok
22:54:50.0929 0x31e4 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
22:54:50.0929 0x31e4 p2pimsvc - ok
22:54:50.0961 0x31e4 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll
22:54:50.0961 0x31e4 p2psvc - ok
22:54:50.0976 0x31e4 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys
22:54:50.0976 0x31e4 Parport - ok
22:54:50.0976 0x31e4 [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
22:54:50.0995 0x31e4 partmgr - ok
22:54:51.0010 0x31e4 [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
22:54:51.0030 0x31e4 PcaSvc - ok
22:54:51.0046 0x31e4 [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci C:\WINDOWS\system32\drivers\pci.sys
22:54:51.0061 0x31e4 pci - ok
22:54:51.0061 0x31e4 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys
22:54:51.0061 0x31e4 pciide - ok
22:54:51.0093 0x31e4 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
22:54:51.0093 0x31e4 pcmcia - ok
22:54:51.0093 0x31e4 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
22:54:51.0108 0x31e4 pcw - ok
22:54:51.0108 0x31e4 [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
22:54:51.0130 0x31e4 pdc - ok
22:54:51.0146 0x31e4 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
22:54:51.0161 0x31e4 PEAUTH - ok
22:54:51.0161 0x31e4 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
22:54:51.0177 0x31e4 percsas2i - ok
22:54:51.0177 0x31e4 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
22:54:51.0177 0x31e4 percsas3i - ok
22:54:51.0193 0x31e4 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
22:54:51.0193 0x31e4 PerfHost - ok
22:54:51.0236 0x31e4 [ 64351455DF585673FECA37136BC8CBAC, 41376D69CD5F241F27E4F1B2FF06056DB5551C62393DD5FC357B38CC61677EFE ] PGService C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
22:54:51.0236 0x31e4 PGService - ok
22:54:51.0267 0x31e4 [ 29D2ADBA0F22B82D7B1C502A26558C7B, C0280D99614DE2490413ED6DB06CFBD0480766D0F7173DEEBCA6AE8D2CB111F7 ] PG_Service_Launcher C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
22:54:51.0336 0x31e4 PG_Service_Launcher - ok
22:54:51.0367 0x31e4 [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
22:54:51.0398 0x31e4 PhoneSvc - ok
22:54:51.0433 0x31e4 [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
22:54:51.0436 0x31e4 PimIndexMaintenanceSvc - ok
22:54:51.0467 0x31e4 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll
22:54:51.0498 0x31e4 pla - ok
22:54:51.0514 0x31e4 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
22:54:51.0530 0x31e4 PlugPlay - ok
22:54:51.0536 0x31e4 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
22:54:51.0536 0x31e4 PNRPAutoReg - ok
22:54:51.0551 0x31e4 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
22:54:51.0551 0x31e4 PNRPsvc - ok
22:54:51.0583 0x31e4 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
22:54:51.0583 0x31e4 PolicyAgent - ok
22:54:51.0598 0x31e4 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll
22:54:51.0598 0x31e4 Power - ok
22:54:51.0614 0x31e4 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
22:54:51.0614 0x31e4 PptpMiniport - ok
22:54:51.0714 0x31e4 [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:54:51.0814 0x31e4 PrintNotify - ok
22:54:51.0814 0x31e4 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys
22:54:51.0833 0x31e4 Processor - ok
22:54:51.0836 0x31e4 [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
22:54:51.0851 0x31e4 ProfSvc - ok
22:54:51.0851 0x31e4 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
22:54:51.0851 0x31e4 Psched - ok
22:54:51.0883 0x31e4 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll
22:54:51.0883 0x31e4 QWAVE - ok
22:54:51.0898 0x31e4 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
22:54:51.0898 0x31e4 QWAVEdrv - ok
22:54:51.0898 0x31e4 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:54:51.0898 0x31e4 RasAcd - ok
22:54:51.0914 0x31e4 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
22:54:51.0914 0x31e4 RasAgileVpn - ok
22:54:51.0914 0x31e4 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll
22:54:51.0931 0x31e4 RasAuto - ok
22:54:51.0936 0x31e4 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
22:54:51.0936 0x31e4 Rasl2tp - ok
22:54:51.0952 0x31e4 [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan C:\WINDOWS\System32\rasmans.dll
22:54:51.0967 0x31e4 RasMan - ok
22:54:51.0967 0x31e4 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:54:51.0983 0x31e4 RasPppoe - ok
22:54:51.0983 0x31e4 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
22:54:51.0983 0x31e4 RasSstp - ok
22:54:51.0999 0x31e4 [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:54:52.0014 0x31e4 rdbss - ok
22:54:52.0014 0x31e4 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
22:54:52.0014 0x31e4 rdpbus - ok
22:54:52.0036 0x31e4 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
22:54:52.0051 0x31e4 RDPDR - ok
22:54:52.0067 0x31e4 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
22:54:52.0067 0x31e4 RdpVideoMiniport - ok
22:54:52.0098 0x31e4 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
22:54:52.0098 0x31e4 rdyboost - ok
22:54:52.0134 0x31e4 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
22:54:52.0152 0x31e4 ReFSv1 - ok
22:54:52.0167 0x31e4 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
22:54:52.0183 0x31e4 RemoteAccess - ok
22:54:52.0199 0x31e4 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
22:54:52.0199 0x31e4 RemoteRegistry - ok
22:54:52.0236 0x31e4 [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
22:54:52.0252 0x31e4 RetailDemo - ok
22:54:52.0283 0x31e4 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
22:54:52.0283 0x31e4 RFCOMM - ok
22:54:52.0314 0x31e4 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
22:54:52.0334 0x31e4 RichVideo64 - ok
22:54:52.0368 0x31e4 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll
22:54:52.0368 0x31e4 RmSvc - ok
22:54:52.0368 0x31e4 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
22:54:52.0383 0x31e4 RpcEptMapper - ok
22:54:52.0383 0x31e4 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe
22:54:52.0383 0x31e4 RpcLocator - ok
22:54:52.0415 0x31e4 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll
22:54:52.0437 0x31e4 RpcSs - ok
22:54:52.0437 0x31e4 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
22:54:52.0452 0x31e4 rspndr - ok
22:54:52.0737 0x31e4 [ D72F22971F0F492BE045EBAB0C79177D, 984B161880226440B5BF09478C783543C242CA995E56074229385E88FF87399A ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
22:54:52.0953 0x31e4 rtsuvc - ok
22:54:52.0969 0x31e4 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
22:54:52.0969 0x31e4 s3cap - ok
22:54:52.0985 0x31e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe
22:54:52.0985 0x31e4 SamSs - ok
22:54:53.0000 0x31e4 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
22:54:53.0000 0x31e4 sbp2port - ok
22:54:53.0034 0x31e4 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
22:54:53.0037 0x31e4 SCardSvr - ok
22:54:53.0037 0x31e4 [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
22:54:53.0053 0x31e4 ScDeviceEnum - ok
22:54:53.0053 0x31e4 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
22:54:53.0053 0x31e4 scfilter - ok
22:54:53.0085 0x31e4 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll
22:54:53.0100 0x31e4 Schedule - ok
22:54:53.0116 0x31e4 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
22:54:53.0116 0x31e4 scmbus - ok
22:54:53.0138 0x31e4 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys
22:54:53.0138 0x31e4 scmdisk0101 - ok
22:54:53.0138 0x31e4 [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
22:54:53.0154 0x31e4 SCPolicySvc - ok
22:54:53.0169 0x31e4 [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
22:54:53.0185 0x31e4 sdbus - ok
22:54:53.0200 0x31e4 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
22:54:53.0200 0x31e4 SDRSVC - ok
22:54:53.0216 0x31e4 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
22:54:53.0216 0x31e4 sdstor - ok
22:54:53.0235 0x31e4 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll
22:54:53.0238 0x31e4 seclogon - ok
22:54:53.0254 0x31e4 [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll
22:54:53.0254 0x31e4 SENS - ok
22:54:53.0300 0x31e4 [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
22:54:53.0316 0x31e4 SensorDataService - ok
22:54:53.0354 0x31e4 [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll
22:54:53.0354 0x31e4 SensorService - ok
22:54:53.0369 0x31e4 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
22:54:53.0369 0x31e4 SensrSvc - ok
22:54:53.0385 0x31e4 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
22:54:53.0385 0x31e4 SerCx - ok
22:54:53.0401 0x31e4 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
22:54:53.0416 0x31e4 SerCx2 - ok
22:54:53.0416 0x31e4 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
22:54:53.0416 0x31e4 Serenum - ok
22:54:53.0432 0x31e4 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys
22:54:53.0436 0x31e4 Serial - ok
22:54:53.0438 0x31e4 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
22:54:53.0438 0x31e4 sermouse - ok
22:54:53.0454 0x31e4 [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
22:54:53.0469 0x31e4 SessionEnv - ok
22:54:53.0485 0x31e4 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
22:54:53.0485 0x31e4 sfloppy - ok
22:54:53.0501 0x31e4 [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
22:54:53.0516 0x31e4 SharedAccess - ok
22:54:53.0554 0x31e4 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:54:53.0569 0x31e4 ShellHWDetection - ok
22:54:53.0600 0x31e4 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
22:54:53.0600 0x31e4 shpamsvc - ok
22:54:53.0600 0x31e4 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
22:54:53.0616 0x31e4 SiSRaid2 - ok
22:54:53.0616 0x31e4 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
22:54:53.0616 0x31e4 SiSRaid4 - ok
22:54:53.0637 0x31e4 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:54:53.0638 0x31e4 SkypeUpdate - ok
22:54:53.0654 0x31e4 [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
22:54:53.0654 0x31e4 SmbDrvI - ok
22:54:53.0669 0x31e4 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll
22:54:53.0669 0x31e4 smphost - ok
22:54:53.0701 0x31e4 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
22:54:53.0716 0x31e4 SmsRouter - ok
22:54:53.0716 0x31e4 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
22:54:53.0716 0x31e4 SNMPTRAP - ok
22:54:53.0738 0x31e4 [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
22:54:53.0769 0x31e4 spaceport - ok
22:54:53.0785 0x31e4 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
22:54:53.0785 0x31e4 SpbCx - ok
22:54:53.0816 0x31e4 [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler C:\WINDOWS\System32\spoolsv.exe
22:54:53.0838 0x31e4 Spooler - ok
22:54:53.0970 0x31e4 [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
22:54:54.0101 0x31e4 sppsvc - ok
22:54:54.0138 0x31e4 [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
22:54:54.0139 0x31e4 srv - ok
22:54:54.0170 0x31e4 [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
22:54:54.0186 0x31e4 srv2 - ok
22:54:54.0186 0x31e4 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
22:54:54.0202 0x31e4 srvnet - ok
22:54:54.0202 0x31e4 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
22:54:54.0217 0x31e4 SSDPSRV - ok
22:54:54.0254 0x31e4 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
22:54:54.0254 0x31e4 SstpSvc - ok
22:54:54.0270 0x31e4 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:54:54.0286 0x31e4 ssudmdm - ok
22:54:54.0401 0x31e4 [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
22:54:54.0501 0x31e4 StateRepository - ok
22:54:54.0517 0x31e4 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
22:54:54.0517 0x31e4 stexstor - ok
22:54:54.0540 0x31e4 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll
22:54:54.0555 0x31e4 stisvc - ok
22:54:54.0555 0x31e4 [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
22:54:54.0571 0x31e4 storahci - ok
22:54:54.0586 0x31e4 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
22:54:54.0586 0x31e4 storflt - ok
22:54:54.0618 0x31e4 [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
22:54:54.0635 0x31e4 stornvme - ok
22:54:54.0639 0x31e4 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
22:54:54.0639 0x31e4 storqosflt - ok
22:54:54.0671 0x31e4 [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc C:\WINDOWS\system32\storsvc.dll
22:54:54.0671 0x31e4 StorSvc - ok
22:54:54.0686 0x31e4 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
22:54:54.0686 0x31e4 storufs - ok
22:54:54.0686 0x31e4 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
22:54:54.0686 0x31e4 storvsc - ok
22:54:54.0702 0x31e4 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll
22:54:54.0702 0x31e4 svsvc - ok
22:54:54.0702 0x31e4 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys
22:54:54.0702 0x31e4 swenum - ok
22:54:54.0718 0x31e4 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll
22:54:54.0739 0x31e4 swprv - ok
22:54:54.0755 0x31e4 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
22:54:54.0755 0x31e4 Synth3dVsc - ok
22:54:54.0786 0x31e4 [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:54:54.0786 0x31e4 SynTP - ok
22:54:54.0802 0x31e4 [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
22:54:54.0818 0x31e4 SynTPEnhService - ok
22:54:54.0840 0x31e4 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll
22:54:54.0855 0x31e4 SysMain - ok
22:54:54.0871 0x31e4 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
22:54:54.0887 0x31e4 SystemEventsBroker - ok
22:54:54.0887 0x31e4 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
22:54:54.0902 0x31e4 TabletInputService - ok
22:54:54.0918 0x31e4 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
22:54:54.0938 0x31e4 TapiSrv - ok
22:54:55.0018 0x31e4 [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
22:54:55.0071 0x31e4 Tcpip - ok
22:54:55.0140 0x31e4 [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
22:54:55.0187 0x31e4 Tcpip6 - ok
22:54:55.0187 0x31e4 [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
22:54:55.0187 0x31e4 tcpipreg - ok
22:54:55.0203 0x31e4 [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
22:54:55.0203 0x31e4 tdx - ok
22:54:55.0218 0x31e4 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
22:54:55.0218 0x31e4 terminpt - ok
22:54:55.0240 0x31e4 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll
22:54:55.0256 0x31e4 TermService - ok
22:54:55.0271 0x31e4 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll
22:54:55.0271 0x31e4 Themes - ok
22:54:55.0303 0x31e4 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
22:54:55.0303 0x31e4 TieringEngineService - ok
22:54:55.0318 0x31e4 [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
22:54:55.0340 0x31e4 tiledatamodelsvc - ok
22:54:55.0340 0x31e4 [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
22:54:55.0356 0x31e4 TimeBrokerSvc - ok
22:54:55.0356 0x31e4 [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
22:54:55.0387 0x31e4 TPM - ok
22:54:55.0403 0x31e4 [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks C:\WINDOWS\System32\trkwks.dll
22:54:55.0418 0x31e4 TrkWks - ok
22:54:55.0418 0x31e4 [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
22:54:55.0418 0x31e4 TrustedInstaller - ok
22:54:55.0438 0x31e4 [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
22:54:55.0440 0x31e4 tsusbflt - ok
22:54:55.0440 0x31e4 [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:54:55.0440 0x31e4 TsUsbGD - ok
22:54:55.0440 0x31e4 [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
22:54:55.0456 0x31e4 tunnel - ok
22:54:55.0456 0x31e4 [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
22:54:55.0456 0x31e4 tzautoupdate - ok
22:54:55.0472 0x31e4 [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
22:54:55.0472 0x31e4 UASPStor - ok
22:54:55.0472 0x31e4 [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
22:54:55.0487 0x31e4 UcmCx0101 - ok
22:54:55.0487 0x31e4 [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
22:54:55.0487 0x31e4 UcmTcpciCx0101 - ok
22:54:55.0487 0x31e4 [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
22:54:55.0503 0x31e4 UcmUcsi - ok
22:54:55.0503 0x31e4 [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
22:54:55.0518 0x31e4 Ucx01000 - ok
22:54:55.0518 0x31e4 [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
22:54:55.0518 0x31e4 UdeCx - ok
22:54:55.0539 0x31e4 [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
22:54:55.0540 0x31e4 udfs - ok
22:54:55.0540 0x31e4 [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
22:54:55.0540 0x31e4 UEFI - ok
22:54:55.0556 0x31e4 [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
22:54:55.0556 0x31e4 Ufx01000 - ok
22:54:55.0571 0x31e4 [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
22:54:55.0571 0x31e4 UfxChipidea - ok
22:54:55.0571 0x31e4 [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
22:54:55.0587 0x31e4 ufxsynopsys - ok
22:54:55.0587 0x31e4 [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
22:54:55.0603 0x31e4 UI0Detect - ok
22:54:55.0603 0x31e4 [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus C:\WINDOWS\System32\drivers\umbus.sys
22:54:55.0603 0x31e4 umbus - ok
22:54:55.0603 0x31e4 [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
22:54:55.0603 0x31e4 UmPass - ok
22:54:55.0618 0x31e4 [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
22:54:55.0636 0x31e4 UmRdpService - ok
22:54:55.0672 0x31e4 [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
22:54:55.0703 0x31e4 UnistoreSvc - ok
22:54:55.0741 0x31e4 [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost C:\WINDOWS\System32\upnphost.dll
22:54:55.0741 0x31e4 upnphost - ok
22:54:55.0757 0x31e4 [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
22:54:55.0757 0x31e4 UrsChipidea - ok
22:54:55.0757 0x31e4 [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
22:54:55.0757 0x31e4 UrsCx01000 - ok
22:54:55.0757 0x31e4 [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
22:54:55.0772 0x31e4 UrsSynopsys - ok
22:54:55.0772 0x31e4 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
22:54:55.0772 0x31e4 usbccgp - ok
22:54:55.0788 0x31e4 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
22:54:55.0788 0x31e4 usbcir - ok
22:54:55.0788 0x31e4 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
22:54:55.0804 0x31e4 usbehci - ok
22:54:55.0819 0x31e4 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
22:54:55.0841 0x31e4 usbhub - ok
22:54:55.0841 0x31e4 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
22:54:55.0857 0x31e4 USBHUB3 - ok
22:54:55.0857 0x31e4 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
22:54:55.0873 0x31e4 usbohci - ok
22:54:55.0873 0x31e4 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
22:54:55.0873 0x31e4 usbprint - ok
22:54:55.0873 0x31e4 [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:54:55.0888 0x31e4 usbscan - ok
22:54:55.0904 0x31e4 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
22:54:55.0904 0x31e4 usbser - ok
22:54:55.0904 0x31e4 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:54:55.0919 0x31e4 USBSTOR - ok
22:54:55.0919 0x31e4 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
22:54:55.0919 0x31e4 usbuhci - ok
22:54:55.0939 0x31e4 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:54:55.0942 0x31e4 USBXHCI - ok
22:54:55.0973 0x31e4 [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
22:54:56.0004 0x31e4 UserDataSvc - ok
22:54:56.0042 0x31e4 [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager C:\WINDOWS\System32\usermgr.dll
22:54:56.0073 0x31e4 UserManager - ok
22:54:56.0089 0x31e4 [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc C:\WINDOWS\system32\usocore.dll
22:54:56.0104 0x31e4 UsoSvc - ok
22:54:56.0104 0x31e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc C:\WINDOWS\system32\lsass.exe
22:54:56.0104 0x31e4 VaultSvc - ok
22:54:56.0120 0x31e4 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
22:54:56.0120 0x31e4 vdrvroot - ok
22:54:56.0142 0x31e4 [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds C:\WINDOWS\System32\vds.exe
22:54:56.0160 0x31e4 vds - ok
22:54:56.0176 0x31e4 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
22:54:56.0176 0x31e4 VerifierExt - ok
22:54:56.0223 0x31e4 [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
22:54:56.0242 0x31e4 vhdmp - ok
22:54:56.0257 0x31e4 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
22:54:56.0257 0x31e4 vhf - ok
22:54:56.0273 0x31e4 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
22:54:56.0273 0x31e4 vmbus - ok
22:54:56.0273 0x31e4 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
22:54:56.0273 0x31e4 VMBusHID - ok
22:54:56.0289 0x31e4 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
22:54:56.0289 0x31e4 vmgid - ok
22:54:56.0304 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
22:54:56.0304 0x31e4 vmicguestinterface - ok
22:54:56.0320 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
22:54:56.0320 0x31e4 vmicheartbeat - ok
22:54:56.0338 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
22:54:56.0342 0x31e4 vmickvpexchange - ok
22:54:56.0358 0x31e4 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
22:54:56.0358 0x31e4 vmicrdv - ok
22:54:56.0374 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
22:54:56.0389 0x31e4 vmicshutdown - ok
22:54:56.0389 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
22:54:56.0405 0x31e4 vmictimesync - ok
22:54:56.0405 0x31e4 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
22:54:56.0421 0x31e4 vmicvmsession - ok
22:54:56.0421 0x31e4 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
22:54:56.0441 0x31e4 vmicvss - ok
22:54:56.0443 0x31e4 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
22:54:56.0443 0x31e4 volmgr - ok
22:54:56.0458 0x31e4 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
22:54:56.0458 0x31e4 volmgrx - ok
22:54:56.0474 0x31e4 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
22:54:56.0490 0x31e4 volsnap - ok
22:54:56.0490 0x31e4 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys
22:54:56.0490 0x31e4 volume - ok
22:54:56.0505 0x31e4 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
22:54:56.0521 0x31e4 vpci - ok
22:54:56.0540 0x31e4 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
22:54:56.0543 0x31e4 vsmraid - ok
22:54:56.0574 0x31e4 [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS C:\WINDOWS\system32\vssvc.exe
22:54:56.0605 0x31e4 VSS - ok
22:54:56.0621 0x31e4 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
22:54:56.0621 0x31e4 VSTXRAID - ok
22:54:56.0637 0x31e4 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
22:54:56.0639 0x31e4 vwifibus - ok
22:54:56.0643 0x31e4 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
22:54:56.0643 0x31e4 vwififlt - ok
22:54:56.0643 0x31e4 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
22:54:56.0643 0x31e4 vwifimp - ok
22:54:56.0706 0x31e4 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll
22:54:56.0758 0x31e4 W32Time - ok
22:54:56.0774 0x31e4 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
22:54:56.0774 0x31e4 WacomPen - ok
22:54:56.0789 0x31e4 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll
22:54:56.0789 0x31e4 WalletService - ok
22:54:56.0805 0x31e4 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:54:56.0805 0x31e4 wanarp - ok
22:54:56.0805 0x31e4 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:54:56.0821 0x31e4 wanarpv6 - ok
22:54:56.0874 0x31e4 [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine C:\WINDOWS\system32\wbengine.exe
22:54:56.0905 0x31e4 wbengine - ok
22:54:56.0937 0x31e4 [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
22:54:56.0943 0x31e4 WbioSrvc - ok
22:54:56.0958 0x31e4 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
22:54:56.0958 0x31e4 wcifs - ok
22:54:56.0974 0x31e4 [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
22:54:56.0989 0x31e4 Wcmsvc - ok
22:54:57.0021 0x31e4 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
22:54:57.0043 0x31e4 wcncsvc - ok
22:54:57.0043 0x31e4 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
22:54:57.0043 0x31e4 wcnfs - ok
22:54:57.0059 0x31e4 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
22:54:57.0059 0x31e4 WdBoot - ok
22:54:57.0074 0x31e4 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
22:54:57.0090 0x31e4 Wdf01000 - ok
22:54:57.0106 0x31e4 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
22:54:57.0121 0x31e4 WdFilter - ok
22:54:57.0121 0x31e4 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
22:54:57.0121 0x31e4 WdiServiceHost - ok
22:54:57.0138 0x31e4 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
22:54:57.0143 0x31e4 WdiSystemHost - ok
22:54:57.0159 0x31e4 [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
22:54:57.0190 0x31e4 wdiwifi - ok
22:54:57.0206 0x31e4 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:54:57.0206 0x31e4 WdNisDrv - ok
22:54:57.0206 0x31e4 WdNisSvc - ok
22:54:57.0243 0x31e4 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll
22:54:57.0243 0x31e4 WebClient - ok
22:54:57.0259 0x31e4 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
22:54:57.0275 0x31e4 Wecsvc - ok
22:54:57.0275 0x31e4 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
22:54:57.0275 0x31e4 WEPHOSTSVC - ok
22:54:57.0290 0x31e4 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
22:54:57.0290 0x31e4 wercplsupport - ok
22:54:57.0306 0x31e4 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
22:54:57.0306 0x31e4 WerSvc - ok
22:54:57.0322 0x31e4 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
22:54:57.0322 0x31e4 WFPLWFS - ok
22:54:57.0322 0x31e4 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
22:54:57.0338 0x31e4 WiaRpc - ok
22:54:57.0343 0x31e4 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
22:54:57.0344 0x31e4 WIMMount - ok
22:54:57.0344 0x31e4 WinDefend - ok
22:54:57.0359 0x31e4 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
22:54:57.0359 0x31e4 WindowsTrustedRT - ok
22:54:57.0375 0x31e4 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
22:54:57.0375 0x31e4 WindowsTrustedRTProxy - ok
22:54:57.0391 0x31e4 [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:54:57.0422 0x31e4 WinHttpAutoProxySvc - ok
22:54:57.0422 0x31e4 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
22:54:57.0422 0x31e4 WinMad - ok
22:54:57.0443 0x31e4 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
22:54:57.0459 0x31e4 Winmgmt - ok
22:54:57.0544 0x31e4 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
22:54:57.0622 0x31e4 WinRM - ok
22:54:57.0639 0x31e4 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
22:54:57.0642 0x31e4 WINUSB - ok
22:54:57.0644 0x31e4 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
22:54:57.0644 0x31e4 WinVerbs - ok
22:54:57.0660 0x31e4 [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc C:\WINDOWS\system32\flightsettings.dll
22:54:57.0675 0x31e4 wisvc - ok
22:54:57.0775 0x31e4 [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
22:54:57.0806 0x31e4 WlanSvc - ok
22:54:57.0875 0x31e4 [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
22:54:57.0922 0x31e4 wlidsvc - ok
22:54:57.0942 0x31e4 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
22:54:57.0943 0x31e4 WmiAcpi - ok
22:54:57.0944 0x31e4 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:54:57.0959 0x31e4 wmiApSrv - ok
22:54:57.0959 0x31e4 WMPNetworkSvc - ok
22:54:57.0975 0x31e4 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
22:54:57.0991 0x31e4 Wof - ok
22:54:58.0059 0x31e4 [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
22:54:58.0091 0x31e4 workfolderssvc - ok
22:54:58.0106 0x31e4 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
22:54:58.0106 0x31e4 WPDBusEnum - ok
22:54:58.0106 0x31e4 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:54:58.0122 0x31e4 WpdUpFltr - ok
22:54:58.0122 0x31e4 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll
22:54:58.0140 0x31e4 WpnService - ok
22:54:58.0144 0x31e4 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
22:54:58.0144 0x31e4 WpnUserService - ok
22:54:58.0160 0x31e4 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:54:58.0160 0x31e4 ws2ifsl - ok
22:54:58.0175 0x31e4 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
22:54:58.0191 0x31e4 wscsvc - ok
22:54:58.0191 0x31e4 WSearch - ok
22:54:58.0206 0x31e4 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
22:54:58.0206 0x31e4 wsvd - ok
22:54:58.0276 0x31e4 [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv C:\WINDOWS\system32\wuaueng.dll
22:54:58.0323 0x31e4 wuauserv - ok
22:54:58.0344 0x31e4 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
22:54:58.0344 0x31e4 WudfPf - ok
22:54:58.0344 0x31e4 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
22:54:58.0360 0x31e4 WUDFRd - ok
22:54:58.0360 0x31e4 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
22:54:58.0376 0x31e4 wudfsvc - ok
22:54:58.0376 0x31e4 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:54:58.0376 0x31e4 WUDFWpdFs - ok
22:54:58.0422 0x31e4 [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
22:54:58.0445 0x31e4 WwanSvc - ok
22:54:58.0476 0x31e4 [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
22:54:58.0491 0x31e4 XblAuthManager - ok
22:54:58.0540 0x31e4 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
22:54:58.0560 0x31e4 XblGameSave - ok
22:54:58.0576 0x31e4 [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
22:54:58.0607 0x31e4 xboxgip - ok
22:54:58.0640 0x31e4 [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
22:54:58.0660 0x31e4 XboxNetApiSvc - ok
22:54:58.0660 0x31e4 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
22:54:58.0676 0x31e4 xinputhid - ok
22:54:58.0676 0x31e4 ================ Scan global ===============================
22:54:58.0707 0x31e4 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
22:54:58.0723 0x31e4 [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\WINDOWS\system32\winsrv.dll
22:54:58.0745 0x31e4 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
22:54:58.0760 0x31e4 [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe
22:54:58.0776 0x31e4 [ Global ] - ok
22:54:58.0776 0x31e4 ================ Scan MBR ==================================
22:54:58.0776 0x31e4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:54:58.0792 0x31e4 \Device\Harddisk0\DR0 - ok
22:54:58.0792 0x31e4 ================ Scan VBR ==================================
22:54:58.0792 0x31e4 [ E92E42703C18294D9AEFE553316F9CA4 ] \Device\Harddisk0\DR0\Partition1
22:54:58.0792 0x31e4 \Device\Harddisk0\DR0\Partition1 - ok
22:54:58.0792 0x31e4 [ FF165B729D518D417F850C974C3902E1 ] \Device\Harddisk0\DR0\Partition2
22:54:58.0792 0x31e4 \Device\Harddisk0\DR0\Partition2 - ok
22:54:58.0807 0x31e4 [ ABDCA2314E6FC04E6EF9535FDBA6DE71 ] \Device\Harddisk0\DR0\Partition3
22:54:58.0807 0x31e4 \Device\Harddisk0\DR0\Partition3 - ok
22:54:58.0807 0x31e4 [ 62B154E5B170E88FCB9B2F428F43AC8A ] \Device\Harddisk0\DR0\Partition4
22:54:58.0807 0x31e4 \Device\Harddisk0\DR0\Partition4 - ok
22:54:58.0807 0x31e4 [ 15A5EA3042868EE9DFC1A23691CBC892 ] \Device\Harddisk0\DR0\Partition5
22:54:58.0807 0x31e4 \Device\Harddisk0\DR0\Partition5 - ok
22:54:58.0807 0x31e4 [ 688F9118CDD78C4AFEE539952273074F ] \Device\Harddisk0\DR0\Partition6
22:54:58.0807 0x31e4 \Device\Harddisk0\DR0\Partition6 - ok
22:54:58.0823 0x31e4 [ B65A27BFCA19FB28C2F42495B4023A73 ] \Device\Harddisk0\DR0\Partition7
22:54:58.0823 0x31e4 \Device\Harddisk0\DR0\Partition7 - ok
22:54:58.0823 0x31e4 ================ Scan generic autorun ======================
22:54:58.0992 0x31e4 [ F7924502BDFBBD3AD2FAF913F159F0A2, 59217F1B6A3E7FB7BB4C806DB762282533C73A16845A3578DC93BCFA33867B5F ] C:\WINDOWS\RTFTrack.exe
22:54:59.0142 0x31e4 RtsFT - ok
22:54:59.0488 0x31e4 [ B2F0A328DB84D8DA9550D934AEEA927F, 8E157DA39875431280C43C6A704EEDD90182DCD467A1FB36BED78DBC4575A8B3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:54:59.0806 0x31e4 RtHDVCpl - ok
22:54:59.0851 0x31e4 [ 375695D4C03B122C4329F2720A88986E, B4DD7A8B51BC10A5720A29B57DB8A404B82FF5B50F0556180FD15A0072F0078E ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:54:59.0882 0x31e4 RtHDVBg_Dolby - ok
22:54:59.0914 0x31e4 [ 375695D4C03B122C4329F2720A88986E, B4DD7A8B51BC10A5720A29B57DB8A404B82FF5B50F0556180FD15A0072F0078E ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:54:59.0936 0x31e4 RtHDVBg_LENOVO_MICPKEY - ok
22:54:59.0967 0x31e4 [ F3E1B4D249B9E2E820870A3C1ED82AC8, AA8BA7B6B0C064253289896CE5283F429C43A22E9D58DB687130899F1A09F8EF ] C:\WINDOWS\system32\igfxtray.exe
22:54:59.0967 0x31e4 IgfxTray - ok
22:55:00.0375 0x31e4 [ 64CA43FF218C71AB6EB709AD0341AF2B, 45C4FCCD9F5B12A54A6186F4C94CC55A80745B09A34D398C35FD48C9BF21E6A8 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
22:55:00.0723 0x31e4 Energy Manager - ok
22:55:00.0741 0x31e4 [ F0627CE818DA58BAE771DCD4669FA343, 070CE17C9DAC01CC5AE465DFA3FDD8A44ABF97AC8101ED238C96668027B6F10B ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
22:55:00.0743 0x31e4 Lenovo Utility - ok
22:55:00.0748 0x31e4 [ 968292958A5A507856B0E7025A73857D, 6151E8481C169F2C23812654FA425ECAB7780A0207D972DD2B8FE7F167B0F553 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
22:55:00.0748 0x31e4 Classic Start Menu - ok
22:55:00.0795 0x31e4 [ 0DD231ADAEC8DD63F30FB07E5E335664, 5DF8FDFDC4BE8AF1E7E1CBCBA4D3784A4EF8A25A8CDEDBF44E87F3BBFE9C13F3 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
22:55:00.0811 0x31e4 COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - ok
22:55:00.0864 0x31e4 [ DE497156D78772338D399895CC720860, 6FCF6C703D160E8C70B9123CE640625E310F33CA7BD6883B4A603BED6FFDD75E ] C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
22:55:00.0896 0x31e4 FileOpenBroker - ok
22:55:00.0965 0x31e4 [ 3895C05252E7EC7EE65973775B4548B0, 5F397496D01CF77202BC44A9AF1A82142257698F18E8FF0CC4358A3406F86C79 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
22:55:01.0012 0x31e4 EKIJ5000StatusMonitor - ok
22:55:01.0012 0x31e4 SynTPEnh - ok
22:55:01.0012 0x31e4 WindowsDefender - ok
22:55:01.0012 0x31e4 Dropbox - ok
22:55:01.0027 0x31e4 Conime - ok
22:55:01.0096 0x31e4 [ 9F1CEEB223F341A4FAA78763FD9B2EAC, 7F4A0184B97C0907847D33BFD9358909FD10E52B631876BBA79383EC301D4D32 ] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
22:55:01.0149 0x31e4 IseUI - ok
22:55:01.0227 0x31e4 [ 3895C05252E7EC7EE65973775B4548B0, 5F397496D01CF77202BC44A9AF1A82142257698F18E8FF0CC4358A3406F86C79 ] C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
22:55:01.0249 0x31e4 EKIJ5000StatusMonitor - ok
22:55:01.0565 0x31e4 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:55:01.0796 0x31e4 OneDriveSetup - ok
22:55:02.0078 0x31e4 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:55:02.0216 0x31e4 OneDriveSetup - ok
22:55:02.0302 0x31e4 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Selvi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:55:02.0336 0x31e4 OneDrive - ok
22:55:02.0339 0x31e4 Waiting for KSN requests completion. In queue: 266
22:55:03.0400 0x31e4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x61100 ( enabled : updated )
22:55:03.0400 0x31e4 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6223 ), 0x61010 ( enabled )
22:55:03.0548 0x31e4 ============================================================
22:55:03.0548 0x31e4 Scan finished
22:55:03.0548 0x31e4 ============================================================
22:55:03.0554 0x28d0 Detected object count: 0
22:55:03.0554 0x28d0 Actual detected object count: 0
22:55:11.0226 0x1a24 Deinitialize success
Geändert von Lisa.Ivles (05.05.2017 um 22:10 Uhr) |
|
05.05.2017, 22:04
| #5 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Log-Datei FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-05-2017 02
durchgeführt von Selvi (Administrator) auf SELVI-PC (05-05-2017 23:02:08)
Gestartet von C:\Users\Selvi\Desktop
Geladene Profile: Selvi (Verfügbare Profile: Selvi)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-05] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1566200 2016-03-01] (FileOpen Systems Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-09] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-31] (COMODO)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2015-01-26]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{daa1c4ef-0097-428d-8227-ae1d84ec2e63}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.de/
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-453909624-3209935802-3352585122-1001 -> {0AA24E16-07B3-4694-8357-3C21ACC5F516} URL = hxxps://de.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=7291_33220005005_4.29.402047.207_u_ds_sp&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vwrlke5b.default
FF ProfilePath: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default [2017-05-05]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Ecosia
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Web Search
FF Homepage: Mozilla\Firefox\Profiles\vwrlke5b.default -> hxxps://www.ecosia.org/
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-10-14]
FF Extension: (Adblock Plus) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-29]
FF Extension: (Shield Recipe Client) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\features\{d08a8d2b-d70c-47c1-869d-3f9a2c4c550c}\shield-recipe-client@mozilla.org.xpi [2017-05-03]
FF SearchPlugin: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\searchplugins\AdTrustMediaGeekbuddy.xml [2016-10-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-11] (Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294920 2017-04-03] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [380920 2016-03-01] (FileOpen Systems Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-31] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-03] (Maxthon)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-07] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-07] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-08-07] (Windows (R) Win 7 DDK provider)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-06-08] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-02-02] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-06-08] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-05 22:54 - 2017-05-05 22:55 - 00281134 _____ C:\TDSSKiller.3.1.0.15_05.05.2017_22.54.03_log.txt
2017-05-05 22:53 - 2017-05-05 22:53 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Selvi\Desktop\tdsskiller.exe
2017-05-05 18:35 - 2017-05-05 18:36 - 00126691 _____ C:\Users\Selvi\Desktop\Addition.txt
2017-05-05 18:33 - 2017-05-05 23:02 - 00026174 _____ C:\Users\Selvi\Desktop\FRST.txt
2017-05-05 18:32 - 2017-05-05 23:02 - 00000000 ____D C:\FRST
2017-05-05 18:32 - 2017-05-05 18:32 - 02429440 _____ (Farbar) C:\Users\Selvi\Desktop\FRST64.exe
2017-05-04 15:47 - 2017-05-04 15:47 - 00008167 _____ C:\Users\Selvi\Desktop\Klageerwiderung Anwaltsklausur VerwR.pdf
2017-05-04 15:46 - 2017-05-04 15:46 - 00106130 _____ C:\Users\Selvi\Desktop\RA Schriftsatz Beigeladener.pdf
2017-05-04 11:12 - 2017-05-04 11:12 - 00027574 _____ C:\Users\Selvi\Desktop\Mail Luther CleverFit.pdf
2017-05-03 15:42 - 2017-05-03 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-01 15:20 - 2017-05-01 15:20 - 00143388 _____ C:\Users\Selvi\Desktop\JA 2012, 769 - beck-online.pdf
2017-04-25 17:37 - 2017-04-26 22:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-21 11:22 - 2017-04-21 11:22 - 00057144 _____ C:\Users\Selvi\Desktop\BGH JuS 2015, 363.pdf
2017-04-20 15:18 - 2017-04-20 15:18 - 00142895 _____ C:\Users\Selvi\Desktop\JA 2011, 49 - beck-online.pdf
2017-04-12 17:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 17:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 17:18 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 17:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 17:18 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 17:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 17:18 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 17:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 17:17 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:17 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:17 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:17 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:17 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:17 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 17:17 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 17:17 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:17 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:17 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 17:17 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 17:17 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:17 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:17 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:17 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:17 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:17 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:17 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:17 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:17 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:17 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 17:17 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:17 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:17 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:16 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:16 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:16 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:16 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:16 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:16 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:16 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:16 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:16 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:16 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:16 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:16 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:16 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:16 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:16 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:16 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:16 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:15 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:15 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:15 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:15 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:15 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:15 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:15 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:15 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:15 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:15 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:15 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:15 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:15 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:15 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:15 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:15 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 17:15 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:15 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:15 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 17:15 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:15 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 16:59 - 2017-04-12 16:59 - 00101716 _____ C:\Users\Selvi\Desktop\Entscheidung-des-Monats-04-2017.pdf
2017-04-12 11:52 - 2017-04-25 17:35 - 00002256 _____ C:\Users\Public\Desktop\COMODO Firewall 10.lnk
2017-04-12 08:31 - 2017-04-23 00:28 - 00230592 _____ (COMODO) C:\WINDOWS\system32\cmdshim64.dll
2017-04-12 08:31 - 2017-04-23 00:26 - 00194752 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdshim32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-05 23:01 - 2016-12-02 19:05 - 00000000 ____D C:\Users\Selvi\AppData\LocalLow\Mozilla
2017-05-05 22:48 - 2016-11-04 19:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-05 22:48 - 2015-09-09 23:33 - 00000000 __SHD C:\Users\Selvi\IntelGraphicsProfiles
2017-05-05 19:48 - 2015-11-05 23:37 - 00000000 ____D C:\Users\Selvi\Documents\Outlook-Dateien
2017-05-05 19:45 - 2015-06-06 20:28 - 00000000 ____D C:\Users\Selvi\AppData\Local\Packages
2017-05-05 18:36 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-05 18:05 - 2016-11-04 19:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-05 17:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 17:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-05 17:19 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-05 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-05 17:15 - 2015-06-17 21:52 - 00000000 ____D C:\ProgramData\Kodak
2017-05-04 15:58 - 2017-03-01 17:08 - 00011387 _____ C:\Users\Selvi\Desktop\Lernplan.xlsx
2017-05-04 15:47 - 2015-07-20 17:31 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Nitro PDF
2017-05-04 12:11 - 2017-03-28 08:48 - 00000000 ____D C:\Users\Selvi\Desktop\Unterlagen Daniel
2017-05-04 12:06 - 2015-08-14 22:22 - 00000000 ____D C:\Users\Selvi\AppData\Local\Spotify
2017-05-04 12:06 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Spotify
2017-05-03 15:42 - 2015-06-11 11:05 - 00000000 ___RD C:\Users\Selvi\Dropbox
2017-05-03 15:42 - 2015-06-11 11:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-28 17:30 - 2016-07-17 00:51 - 01390030 _____ C:\WINDOWS\system32\perfh007.dat
2017-04-28 17:30 - 2016-07-17 00:51 - 00356602 _____ C:\WINDOWS\system32\perfc007.dat
2017-04-28 17:30 - 2015-09-09 21:12 - 02948740 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-28 17:27 - 2016-11-04 20:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-28 17:26 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-04-26 22:05 - 2015-06-07 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-26 22:04 - 2015-08-10 15:27 - 00007926 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-04-23 00:31 - 2015-04-01 18:48 - 00051808 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00942792 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00733456 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2017-04-23 00:28 - 2015-04-01 18:47 - 00457408 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2017-04-23 00:26 - 2015-04-01 18:45 - 00363200 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2017-04-22 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-21 18:12 - 2015-08-18 12:22 - 00000000 ____D C:\Users\Selvi\Desktop\Ref
2017-04-19 11:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-19 09:01 - 2015-01-26 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-18 10:40 - 2016-12-18 19:35 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 10:39 - 2015-09-09 23:36 - 00002433 _____ C:\Users\Selvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 10:39 - 2015-06-06 20:34 - 00000000 __RDO C:\Users\Selvi\OneDrive
2017-04-13 22:12 - 2015-06-17 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-13 22:11 - 2016-11-04 20:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-04-13 09:16 - 2015-06-07 03:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 09:15 - 2016-11-04 19:41 - 00000000 ____D C:\Users\Selvi
2017-04-13 09:00 - 2016-11-04 19:31 - 00355608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 08:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 23:16 - 2015-06-08 00:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 23:11 - 2015-06-08 00:05 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 08:36 - 2016-11-04 20:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-04-12 08:34 - 2015-06-06 21:29 - 00000000 ____D C:\Users\Selvi\AppData\Local\ClassicShell
2017-04-12 08:31 - 2016-11-04 20:08 - 00003140 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-04-08 10:11 - 2015-08-06 21:14 - 00532136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-18 19:45 - 2016-10-13 15:55 - 0285510 _____ () C:\Program Files (x86)\lizenzvertrag.pdf
2016-04-14 10:33 - 2016-04-14 10:34 - 0016084 _____ () C:\Users\Selvi\AppData\Local\clear.log
2016-04-14 11:41 - 2016-04-14 11:41 - 0000236 _____ () C:\Users\Selvi\AppData\Local\LaunchHomeCenter.log
2015-12-18 19:58 - 2015-12-18 19:58 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{A0359E3F-99E8-48D5-A237-82810DA8B900}
2015-12-18 20:04 - 2015-12-18 20:04 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{BB34A00B-2C5B-4C00-9298-0DE81EC8170A}
2015-12-21 18:49 - 2015-12-21 18:49 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{EF70DC41-1585-486E-BFB5-C6A6B2553D3B}
2016-11-04 19:36 - 2016-11-04 19:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2017-03-31 16:42 - 2017-03-31 16:42 - 3866608 _____ (COMODO) C:\Users\Selvi\AppData\Local\Temp\ise_installer.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:08
==================== Ende von FRST.txt ============================
Geändert von Lisa.Ivles (05.05.2017 um 22:11 Uhr) |
|
05.05.2017, 22:06
| #6 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Log Datei Addition.txt Teil 1 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-05-2017 02
durchgeführt von Selvi (05-05-2017 23:02:49)
Gestartet von C:\Users\Selvi\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-04 18:13:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-453909624-3209935802-3352585122-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453909624-3209935802-3352585122-503 - Limited - Disabled)
Gast (S-1-5-21-453909624-3209935802-3352585122-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453909624-3209935802-3352585122-1003 - Limited - Enabled)
Selvi (S-1-5-21-453909624-3209935802-3352585122-1001 - Administrator - Enabled) => C:\Users\Selvi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 48.12.18.254 - Comodo)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.5.20601 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo)
Energy Manager (x32 Version: 1.0.0.32 - Lenovo) Hidden
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FileOpen Client B969 (HKLM\...\FileOpenClient_is1) (Version: B969 - FileOpen Systems, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\Pokki) (Version: 0.269.7.783 - Pokki)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A7B68D5F-A468-493F-AD3D-625001293E19}) (Version: 2.0.0.0807 - Ihr Firmenname)
Lenovo Motion Control (x32 Version: 2.0.0.0807 - Ihr Firmenname) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7133 - Realtek Semiconductor Corp.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Start Menu (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\Pokki_Start_Menu) (Version: 0.269.7.783 - Pokki)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0415E40A-0BF0-4EBF-B86C-B93E132421EE} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {0C5B71D1-BE52-48D7-9641-C3B18298ACF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3F63CB59-A13C-4DAC-BF99-6DA6DFC2773A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {412BF28B-AA9E-4731-B0C8-017F3F775ED4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {511D110D-0F01-43F9-929E-965D70AE91D8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-07-31] (Maxthon International ltd.)
Task: {515B696F-7CAB-477A-8C11-79A224B55FCC} - \WPD\SqmUpload_S-1-5-21-453909624-3209935802-3352585122-1001 -> Keine Datei <==== ACHTUNG
Task: {56DA2173-AFA1-450A-A178-6D8396056013} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {5F191795-AC39-41EE-80A8-AA8AB5363A9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6892257B-F709-4145-8298-AE3457DF6566} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {68C321D3-599C-4F73-BA68-E66EDAC8DF05} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {6C9BF9A8-40EE-44E0-9E4D-5A8628A2E6DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7A0A4FFF-177A-4538-96DD-460319E5E44C} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {7B9BAA7A-2B49-4B3A-A64E-607902BF68F9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {7DC58543-A034-4E3B-9DB6-46BFB86BFC46} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Selvi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {966D3805-9DB1-4C65-9C80-5ACB4ACA0120} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {970C4222-CE49-4DE3-9893-882709250672} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {9889E76D-3FC4-4C61-B9E4-ADFD56244525} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-02-02] (Adobe Systems Incorporated)
Task: {A6B795F3-CC09-43FF-9D5A-957D2C48E6F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {AB401EE7-0F94-4ABC-BE37-EFAA1CFECADA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {B476C716-D342-4477-B06C-6D0CEFC8C12B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BE40754E-FBB7-43DB-9BDF-6FB53CCC826D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C2666B86-C350-4660-B366-40BDA3C10AEB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-04] (Microsoft Corporation)
Task: {C6267AD8-DD18-43BD-91BD-5E6D3CFB77D2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {CF3FE135-B1B3-484D-998A-4564AFEDFBA7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D21325B7-E8A1-45D0-AFED-211F5223FEA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {E6DC53C2-E80A-4F61-BD13-2BA7228EFF7F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {E77FC924-86BC-4A67-8DA5-05F0B3350185} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {E96519A1-727E-4BE7-93A7-3B5B35167E78} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\ServiceHostAppUpdater.exe
Task: {F0A66EE3-9411-480A-9E8A-AC6B955C9FC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {F4830ECB-2621-432D-8DD8-CDE2ECAAF893} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {F8A28044-9DF3-4701-804A-8F6337405927} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {FC1B9B7D-9F6C-4F2B-A0BC-40133EBE6D84} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {FEDA3E07-44AA-4212-986C-AE1848A6331F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-02] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-04-12 08:31 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2015-01-26 03:43 - 2012-04-25 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-12-04 09:44 - 2013-12-04 09:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 09:44 - 2013-12-04 09:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-04 19:23 - 2016-11-04 19:23 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:36 - 2017-03-16 18:36 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 14:59 - 2017-05-01 14:59 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2016-05-27 15:50 - 2016-11-05 20:11 - 00401896 _____ () C:\Windows\System32\igfxTray.exe
2017-04-17 10:20 - 2017-04-13 01:50 - 00018904 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2015-01-26 02:58 - 2013-09-04 17:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-03 15:42 - 2017-05-01 16:44 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-04-17 10:20 - 2017-04-13 01:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-04-17 10:20 - 2017-05-01 16:48 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-05-03 15:42 - 2017-04-13 01:44 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-04-17 10:20 - 2017-04-13 01:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-03 15:42 - 2017-04-13 01:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-17 10:20 - 2017-04-13 01:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-05-03 15:42 - 2017-04-13 01:37 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-05-03 15:42 - 2017-03-22 03:42 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-17 10:20 - 2017-05-01 16:49 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-05-03 15:42 - 2017-04-13 01:50 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-05-03 15:42 - 2017-04-13 01:50 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ApplicationFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppReadiness.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSrvPolicyManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdesvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeunlock.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BitLockerDeviceEncryption.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothDesktopHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BootMenuUX.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bootux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\browserbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BthRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpusersvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\certprop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CfgSPCellular.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cloudAP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmintegrator.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ConsoleLogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CspCellularSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dab.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dafBth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataSenseHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dcntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCensus.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceEnroller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairingFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceReactivation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\discan.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Display.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dmenrollengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DMRServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\domgmt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dpapisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsregcmd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DuCsps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dui70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DWrite.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DXP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EAMProgressHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\easwrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeManagerObj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EDPCleanup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJ5000MON.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJCOINST09.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAPNCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExSMime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Family.Authentication.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ffbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhsettingsprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvenotify.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvewiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpovst11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwtiop4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwwiax5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\HttpsDataSource.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ibtproppage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IdCtrls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ImplatSetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\internetmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iphlpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ipnathlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ListSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LocationFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lpremove.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\manage-bde.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapGeocoder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MDMAppInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\microsoft-windows-system-events.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\migisol.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\modernexecserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshostcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAudDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcprx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mspaint.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssrch.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVideoDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MultiDigiMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netplwiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nettrace.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkDesktopSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkUXBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NfcRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrGidsHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngcsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nltest.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NotificationController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OnDemandConnRouteHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pnidui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs3D.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintRenderAPIHost.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintWSDAHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsmServiceExtHost.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pwrshplugin.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\qmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RADCUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rascustom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasmans.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgentc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RelPost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReportingCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\reseteng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ResetEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\resutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RjvMDMConfig.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RMapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rshx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkGuiCompLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ScDeviceEnum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdengin2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFolder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SecConfig.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\securekernel.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sendmail.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Sens.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SensorDataService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SensorService.dll:$CmdTcID [64]
Geändert von Lisa.Ivles (05.05.2017 um 22:15 Uhr) |
|
05.05.2017, 22:07
| #7 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Log Datei Addition.txt Teil 2 Code:
ATTFilter AlternateDataStreams: C:\WINDOWS\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Flights.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\skci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spaceman.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpeechPal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppnp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppwinob.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRHInproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StorSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SyncCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\systemreset.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.Handlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Tabbtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tabcal.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TabletPC.cpl:$CmdTcID [32]
AlternateDataStreams: C:\WINDOWS\system32\tapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\taskbarcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\timedate.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmTasks.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.pcshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tzautoupdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uDWM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\umpoext.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usermgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usoapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vds.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VEStoreEventHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vmrdvcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vpnike.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VPNv2CSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wbiosrvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcmsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wc_storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werconcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wevtsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifitask.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.Desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.OneCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.HostName.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.Vpn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Shell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winspool.drv:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WlanMediaManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFolders.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersGPExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersShell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcRefreshTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcTok.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpncore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wpnprv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanconn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanmm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblGameSaveExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XboxNetApiSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AuthExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\azroleui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dnsapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dtdump.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\findnetprinters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\input.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ise_installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManagerApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppHost.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapGeocoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\migisol.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssrch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVP9DEC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxclu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ProximityCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pwrshplugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpencom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgentc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\resutils.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sendmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\systemcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tcpipcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tsmf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WPDShServiceObj.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xolehlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ahcache.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BthLEEnum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthpan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\capimg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmimcext.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\crashdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fvevol.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hidclass.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvsocket.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibtusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iorate.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ks.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\MegaSas2i.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\modem.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mskssrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\partmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdbss.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storahci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tpm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmcl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmclr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wcifs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdiWiFi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\winhvr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xboxgip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\KfZ Schäden Anika.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\KfZ Schäden Anika.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Downloads\SpotifySetup_1.0.11.134.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\kleines-Rezeptpaket-schnelle-rezepte-on-the-run.pdf:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\sharepoint.com -> hxxps://umuenster-files.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-08-06 20:54 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Selvi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{C26461E9-3139-463D-A858-D618E9455F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1BA9EFFA-47BE-4265-A7EF-E4E69578A699}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2DC121A1-1287-487F-BCE6-61CF64A62940}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8BFAF11C-95EB-43A2-9EC4-F38552E0E128}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7DBD37D6-9576-42D3-9E62-47B3505A8C6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{21CCFA82-C52B-49DB-9D91-AB49D25EC881}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4020BB82-4C31-4844-8CA1-8D2EB928E89B}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4F251087-CCCE-4422-A60A-D8099B34832A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{656CD836-1500-41B6-B2BF-8589F95F5949}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{764CDA3D-52DA-4BB6-9D55-9C2F36C3FAA6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{3CFD7C84-560E-4467-9654-E7980FD10FAD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{105C79DE-E043-4DDB-9384-F8D42FE80346}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{46D6702A-A31F-4C84-AD1E-588559D559BA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{C38E2627-AE7D-4AD7-BC51-C73BDBC52988}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{58FF3BB1-9AB5-435E-9997-793E3AB0F1A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [UDP Query User{89007AA3-0868-43DB-B246-C2A0BDEF564F}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{39D79BAC-0637-4A93-9563-3DCB3F76BB94}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{73D1A40B-3492-4A0F-AEB0-86F20BA38EDF}] => (Allow) LPort=5353
FirewallRules: [{F1A0269C-BB46-4BDD-B5AF-AEAB38865041}] => (Allow) LPort=9322
FirewallRules: [{EA2DEC50-059D-4112-8093-4CB0B4DC7711}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{C7E64231-E5F7-4936-8228-DC1C80EAE0A4}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{9618F554-ED0C-43B6-973A-FF42A26405A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{55387B8A-6E86-4A45-9BE1-B75AB30CB580}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{A7E62EB4-A4C3-43DB-8DDA-1A4611CCFA62}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{1E74D4B0-E097-46FE-BEED-A9955B7AE3BF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{94169512-6385-420D-868E-8F38DA334497}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{6BA3CD82-A010-45D7-95A3-363068D053AC}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{D2571A98-E903-4911-8EFF-F68F4B37AEC7}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{FBEFD6CB-96CD-41F9-9468-A54BE50D5B4D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5A35CBCA-930C-4E45-8333-5B53D1916ED6}] => (Allow) LPort=5353
FirewallRules: [{6793377C-DE0C-4449-906B-8F570FB8B037}] => (Allow) LPort=9322
FirewallRules: [{077F5A76-0634-40F2-B529-D889624E404A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{336E698C-7EDF-4435-B18F-B4D0349F9ACC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{592286F8-6891-4B24-A4A3-FE8D6C83E9AA}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{5A2EB6A4-2117-4340-B7B4-C19032C0B8DC}] => (Allow) LPort=55100
FirewallRules: [{7A5892AC-2593-4E48-9FC5-40A6068339CF}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{97FE75DA-50B1-4E57-8259-DDD23B48E73E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{1D344ED5-2EFA-46D3-82E3-2F54A8857377}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AAD6D337-AD5C-413D-A1BE-2C66C8975F78}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8ADE6E87-42CF-47FD-B2EC-81114D3148CB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{4BFA0D74-22CE-4038-B734-698C2C3EE22C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FF2B0067-2D8B-4171-BF77-D017D912F78E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4ACCB284-6D0F-4F77-A983-9525B465FA22}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{1D227BCA-0DF6-4FFA-85FB-9F7503A7C1A5}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A3865932-FB93-4B84-9AB8-0EEAD0E6AEE4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D6D9F9BB-EF5E-4BF9-B7A9-D720F3D023D6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1C96F01A-35A4-43B6-9392-99E6D0EF9BFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69DFCBDB-72C3-424A-8F23-5ABF1A096C5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC8C2ECF-C554-465B-B656-687630E78ABD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E11E6FFC-EC65-4832-8CC8-1F5C072CF6EC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
24-04-2017 17:53:37 Windows Update
02-05-2017 15:16:00 Windows Update
05-05-2017 17:26:07 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:13 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:13 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:13 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/05/2017 07:48:13 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (05/05/2017 10:51:24 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/05/2017 10:48:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/05/2017 07:48:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/05/2017 06:54:01 PM) (Source: DCOM) (EventID: 10010) (User: SELVI-PC)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/05/2017 05:16:07 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/05/2017 05:13:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/04/2017 03:58:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/04/2017 03:54:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
Code: 8 0x0 0x0
Error: (05/04/2017 03:54:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
Code: 2 0xdeaddeed 0xeeec
Error: (05/04/2017 03:54:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.
Code: 1 0xc 0x4
CodeIntegrity:
===================================
Date: 2017-04-28 17:27:16.087
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-28 17:27:11.800
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-28 17:27:11.793
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-28 17:27:10.710
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-26 22:05:44.434
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-26 22:05:34.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-26 22:05:34.249
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-26 22:05:33.242
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-20 14:35:01.167
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-20 14:34:52.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 4019.27 MB
Verfügbarer physikalischer RAM: 2010.73 MB
Summe virtueller Speicher: 4723.27 MB
Verfügbarer virtueller Speicher: 2373.17 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:424.25 GB) (Free:358.82 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.39 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0DC5A29F)
Partition: GPT.
==================== Ende von Addition.txt ============================
Geändert von Lisa.Ivles (05.05.2017 um 22:16 Uhr) |
|
06.05.2017, 21:40
| #8 |
| /// TB-Ausbilder | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
07.05.2017, 21:23
| #9 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Hallo, hier die Logdatei von AdwCleaner Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 07/05/2017 um 17:48:53
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-05.1 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Selvi - SELVI-PC
# Gestartet von : C:\Users\Selvi\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Selvi\AppData\Local\Pokki
[-] Ordner gelöscht: C:\ProgramData\Pokki
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki
[-] Ordner gelöscht: C:\Users\Public\Pokki
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: Pokki
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
[-] Schlüssel gelöscht: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Schlüssel gelöscht: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: HKLM\SOFTWARE\VisualDiscovery
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Schlüssel gelöscht: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}
[-] Schlüssel gelöscht: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Directory\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Drive\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\lnkfile\shell\pokki
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Web Search"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [5136 Bytes] - [07/05/2017 17:48:53]
C:\AdwCleaner\AdwCleaner[S0].txt - [5038 Bytes] - [07/05/2017 17:47:33]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5282 Bytes] ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 07.05.17
Scan-Zeit: 21:38
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1888
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: SELVI-PC\Selvi
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 397427
Abgelaufene Zeit: 18 Min., 36 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 8
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, In Quarantäne, [1891], [342297],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, In Quarantäne, [1891], [342297],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\TYPELIB\{DA5BEF3F-88B4-45BE-8D8A-8D57B34ACA97}, In Quarantäne, [1891], [342297],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\AutorunsWrapper.CAutorunsWrapper, In Quarantäne, [1891], [342287],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\AutorunsWrapper.CAutorunsWrapper.1, In Quarantäne, [1891], [342287],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\CLASSES\CLSID\{2b455106-531b-4428-9f56-c35336c89b6e}, In Quarantäne, [1891], [342287],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Geekbuddy, In Quarantäne, [1891], [342296],1.0.1888
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\GeekBuddyRSP, In Quarantäne, [1891], [342277],1.0.1888
Registrierungswert: 1
PUP.Optional.GeekBuddy, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\COMODO\GeekBuddyRSP.exe, In Quarantäne, [1891], [366013],1.0.1888
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 1
PUP.Optional.GeekBuddy, C:\PROGRAM FILES (X86)\COMMON FILES\COMODO\GeekBuddyRSP.exe, In Quarantäne, [1891], [366013],1.0.1888
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-05-2017
durchgeführt von Selvi (Administrator) auf SELVI-PC (07-05-2017 22:19:41)
Gestartet von C:\Users\Selvi\Desktop
Geladene Profile: Selvi & (Verfügbare Profile: Selvi)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-05] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1566200 2016-03-01] (FileOpen Systems Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-09] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-31] (COMODO)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2015-01-26]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{daa1c4ef-0097-428d-8227-ae1d84ec2e63}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.de/
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.de/
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vwrlke5b.default
FF ProfilePath: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default [2017-05-07]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Ecosia
FF Homepage: Mozilla\Firefox\Profiles\vwrlke5b.default -> hxxps://www.ecosia.org/
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-10-14]
FF Extension: (Adblock Plus) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-29]
FF SearchPlugin: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\searchplugins\AdTrustMediaGeekbuddy.xml [2016-10-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-11] (Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294920 2017-04-03] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [380920 2016-03-01] (FileOpen Systems Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-31] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-03] (Maxthon)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-07] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-07] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-08-07] (Windows (R) Win 7 DDK provider)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-06-08] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-02-02] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-07] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-07] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-06-08] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-07 22:19 - 2017-05-07 22:19 - 00000000 ____D C:\Users\Selvi\Desktop\FRST-OlderVersion
2017-05-07 22:15 - 2017-05-07 22:15 - 00002508 _____ C:\Users\Selvi\Desktop\mbam.txt
2017-05-07 21:38 - 2017-05-07 22:10 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-07 21:38 - 2017-05-07 22:10 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-07 21:38 - 2017-05-07 22:10 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-07 21:38 - 2017-05-07 22:10 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-07 21:38 - 2017-05-07 21:38 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-07 21:38 - 2017-05-07 21:38 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-07 21:38 - 2017-05-07 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-07 21:38 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-07 21:37 - 2017-05-07 21:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-07 21:37 - 2017-05-07 21:37 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-07 21:35 - 2017-05-07 21:37 - 60107896 _____ (Malwarebytes ) C:\Users\Selvi\Desktop\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-07 21:32 - 2017-05-07 21:32 - 00566128 _____ (Malwarebytes) C:\Users\Selvi\Desktop\mbam-clean-2.3.0.1001(1).exe
2017-05-07 21:29 - 2017-05-07 21:29 - 00005384 _____ C:\Users\Selvi\Desktop\AdwCleaner[C0].txt
2017-05-07 17:44 - 2017-05-07 17:48 - 00000000 ____D C:\AdwCleaner
2017-05-07 17:44 - 2017-05-07 17:44 - 04102600 _____ C:\Users\Selvi\Desktop\AdwCleaner_6.046.exe
2017-05-07 17:23 - 2017-05-07 17:23 - 00072162 _____ C:\Users\Selvi\Desktop\business-visa-form.pdf
2017-05-05 22:54 - 2017-05-05 22:55 - 00281134 _____ C:\TDSSKiller.3.1.0.15_05.05.2017_22.54.03_log.txt
2017-05-05 22:53 - 2017-05-05 22:53 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Selvi\Desktop\tdsskiller.exe
2017-05-05 18:35 - 2017-05-05 23:03 - 00125411 _____ C:\Users\Selvi\Desktop\Addition.txt
2017-05-05 18:33 - 2017-05-07 22:20 - 00027219 _____ C:\Users\Selvi\Desktop\FRST.txt
2017-05-05 18:32 - 2017-05-07 22:19 - 02429440 _____ (Farbar) C:\Users\Selvi\Desktop\FRST64.exe
2017-05-05 18:32 - 2017-05-07 22:19 - 00000000 ____D C:\FRST
2017-05-04 15:47 - 2017-05-04 15:47 - 00008167 _____ C:\Users\Selvi\Desktop\Klageerwiderung Anwaltsklausur VerwR.pdf
2017-05-04 15:46 - 2017-05-04 15:46 - 00106130 _____ C:\Users\Selvi\Desktop\RA Schriftsatz Beigeladener.pdf
2017-05-04 11:12 - 2017-05-04 11:12 - 00027574 _____ C:\Users\Selvi\Desktop\Mail Luther CleverFit.pdf
2017-05-03 15:42 - 2017-05-03 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-05-01 15:20 - 2017-05-01 15:20 - 00143388 _____ C:\Users\Selvi\Desktop\JA 2012, 769 - beck-online.pdf
2017-04-25 17:37 - 2017-05-07 17:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-21 11:22 - 2017-04-21 11:22 - 00057144 _____ C:\Users\Selvi\Desktop\BGH JuS 2015, 363.pdf
2017-04-20 15:18 - 2017-04-20 15:18 - 00142895 _____ C:\Users\Selvi\Desktop\JA 2011, 49 - beck-online.pdf
2017-04-12 17:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 17:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 17:18 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 17:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 17:18 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 17:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 17:18 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 17:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 17:17 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:17 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:17 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:17 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:17 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:17 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 17:17 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 17:17 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:17 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:17 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 17:17 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 17:17 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:17 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:17 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:17 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:17 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:17 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:17 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:17 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:17 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:17 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 17:17 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:17 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:17 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:16 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:16 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:16 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:16 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:16 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:16 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:16 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:16 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:16 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:16 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:16 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:16 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:16 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:16 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:16 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:16 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:16 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:15 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:15 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:15 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:15 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:15 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:15 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:15 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:15 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:15 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:15 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:15 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:15 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:15 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:15 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:15 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:15 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 17:15 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:15 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:15 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 17:15 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:15 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 16:59 - 2017-04-12 16:59 - 00101716 _____ C:\Users\Selvi\Desktop\Entscheidung-des-Monats-04-2017.pdf
2017-04-12 11:52 - 2017-04-25 17:35 - 00002256 _____ C:\Users\Public\Desktop\COMODO Firewall 10.lnk
2017-04-12 08:31 - 2017-04-23 00:28 - 00230592 _____ (COMODO) C:\WINDOWS\system32\cmdshim64.dll
2017-04-12 08:31 - 2017-04-23 00:26 - 00194752 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdshim32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-07 22:12 - 2016-12-02 19:05 - 00000000 ____D C:\Users\Selvi\AppData\LocalLow\Mozilla
2017-05-07 22:11 - 2015-09-09 23:33 - 00000000 __SHD C:\Users\Selvi\IntelGraphicsProfiles
2017-05-07 22:10 - 2016-11-04 20:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 22:10 - 2016-11-04 19:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-07 22:10 - 2015-06-17 21:52 - 00000000 ____D C:\ProgramData\Kodak
2017-05-07 22:09 - 2016-11-04 20:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-07 22:09 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-07 21:26 - 2016-11-04 19:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:54 - 2016-07-17 00:51 - 01406972 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-07 17:54 - 2016-07-17 00:51 - 00361338 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-07 17:54 - 2015-09-09 21:12 - 02979870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:50 - 2015-06-07 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-06 17:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-06 17:12 - 2015-06-06 20:28 - 00000000 ____D C:\Users\Selvi\AppData\Local\Packages
2017-05-06 15:39 - 2015-11-05 23:37 - 00000000 ____D C:\Users\Selvi\Documents\Outlook-Dateien
2017-05-05 18:36 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-05 17:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 17:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-05 17:19 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-04 15:58 - 2017-03-01 17:08 - 00011387 _____ C:\Users\Selvi\Desktop\Lernplan.xlsx
2017-05-04 15:47 - 2015-07-20 17:31 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Nitro PDF
2017-05-04 12:11 - 2017-03-28 08:48 - 00000000 ____D C:\Users\Selvi\Desktop\Unterlagen Daniel
2017-05-04 12:06 - 2015-08-14 22:22 - 00000000 ____D C:\Users\Selvi\AppData\Local\Spotify
2017-05-04 12:06 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Spotify
2017-05-03 15:42 - 2015-06-11 11:05 - 00000000 ___RD C:\Users\Selvi\Dropbox
2017-05-03 15:42 - 2015-06-11 11:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-26 22:04 - 2015-08-10 15:27 - 00007926 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-04-23 00:31 - 2015-04-01 18:48 - 00051808 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00942792 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00733456 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2017-04-23 00:28 - 2015-04-01 18:47 - 00457408 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2017-04-23 00:26 - 2015-04-01 18:45 - 00363200 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2017-04-22 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-21 18:12 - 2015-08-18 12:22 - 00000000 ____D C:\Users\Selvi\Desktop\Ref
2017-04-19 11:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-19 09:01 - 2015-01-26 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-18 10:40 - 2016-12-18 19:35 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 10:39 - 2015-09-09 23:36 - 00002433 _____ C:\Users\Selvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 10:39 - 2015-06-06 20:34 - 00000000 __RDO C:\Users\Selvi\OneDrive
2017-04-13 22:12 - 2015-06-17 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-13 09:16 - 2015-06-07 03:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 09:15 - 2016-11-04 19:41 - 00000000 ____D C:\Users\Selvi
2017-04-13 09:00 - 2016-11-04 19:31 - 00355608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 08:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 23:16 - 2015-06-08 00:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 23:11 - 2015-06-08 00:05 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 08:36 - 2016-11-04 20:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-04-12 08:34 - 2015-06-06 21:29 - 00000000 ____D C:\Users\Selvi\AppData\Local\ClassicShell
2017-04-12 08:31 - 2016-11-04 20:08 - 00003140 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-04-08 10:11 - 2015-08-06 21:14 - 00532136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-18 19:45 - 2016-10-13 15:55 - 0285510 _____ () C:\Program Files (x86)\lizenzvertrag.pdf
2016-04-14 10:33 - 2016-04-14 10:34 - 0016084 _____ () C:\Users\Selvi\AppData\Local\clear.log
2016-04-14 11:41 - 2016-04-14 11:41 - 0000236 _____ () C:\Users\Selvi\AppData\Local\LaunchHomeCenter.log
2015-12-18 19:58 - 2015-12-18 19:58 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{A0359E3F-99E8-48D5-A237-82810DA8B900}
2015-12-18 20:04 - 2015-12-18 20:04 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{BB34A00B-2C5B-4C00-9298-0DE81EC8170A}
2015-12-21 18:49 - 2015-12-21 18:49 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{EF70DC41-1585-486E-BFB5-C6A6B2553D3B}
2016-11-04 19:36 - 2016-11-04 19:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2017-03-31 16:42 - 2017-03-31 16:42 - 3866608 _____ (COMODO) C:\Users\Selvi\AppData\Local\Temp\ise_installer.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:08
==================== Ende von FRST.txt ============================
|
|
07.05.2017, 21:25
| #10 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Addition.txt Teil 1 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-05-2017
durchgeführt von Selvi (07-05-2017 22:21:03)
Gestartet von C:\Users\Selvi\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-04 18:13:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-453909624-3209935802-3352585122-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453909624-3209935802-3352585122-503 - Limited - Disabled)
Gast (S-1-5-21-453909624-3209935802-3352585122-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453909624-3209935802-3352585122-1003 - Limited - Enabled)
Selvi (S-1-5-21-453909624-3209935802-3352585122-1001 - Administrator - Enabled) => C:\Users\Selvi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 48.12.18.254 - Comodo)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.5.20601 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo)
Energy Manager (x32 Version: 1.0.0.32 - Lenovo) Hidden
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FileOpen Client B969 (HKLM\...\FileOpenClient_is1) (Version: B969 - FileOpen Systems, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A7B68D5F-A468-493F-AD3D-625001293E19}) (Version: 2.0.0.0807 - Ihr Firmenname)
Lenovo Motion Control (x32 Version: 2.0.0.0807 - Ihr Firmenname) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7133 - Realtek Semiconductor Corp.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Spotify (HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0415E40A-0BF0-4EBF-B86C-B93E132421EE} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {0C5B71D1-BE52-48D7-9641-C3B18298ACF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {1FD70C55-96E8-4153-93A9-061A25DEA311} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3F63CB59-A13C-4DAC-BF99-6DA6DFC2773A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {412BF28B-AA9E-4731-B0C8-017F3F775ED4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {511D110D-0F01-43F9-929E-965D70AE91D8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-07-31] (Maxthon International ltd.)
Task: {515B696F-7CAB-477A-8C11-79A224B55FCC} - \WPD\SqmUpload_S-1-5-21-453909624-3209935802-3352585122-1001 -> Keine Datei <==== ACHTUNG
Task: {56DA2173-AFA1-450A-A178-6D8396056013} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {5F191795-AC39-41EE-80A8-AA8AB5363A9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6892257B-F709-4145-8298-AE3457DF6566} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {68C321D3-599C-4F73-BA68-E66EDAC8DF05} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {6C9BF9A8-40EE-44E0-9E4D-5A8628A2E6DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7A0A4FFF-177A-4538-96DD-460319E5E44C} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {7B9BAA7A-2B49-4B3A-A64E-607902BF68F9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {7DC58543-A034-4E3B-9DB6-46BFB86BFC46} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Selvi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {966D3805-9DB1-4C65-9C80-5ACB4ACA0120} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {970C4222-CE49-4DE3-9893-882709250672} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {A6B795F3-CC09-43FF-9D5A-957D2C48E6F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {AB401EE7-0F94-4ABC-BE37-EFAA1CFECADA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {B476C716-D342-4477-B06C-6D0CEFC8C12B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BBC84000-857E-4266-ACDF-47BF38A0733F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-04] (Microsoft Corporation)
Task: {BE40754E-FBB7-43DB-9BDF-6FB53CCC826D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C6267AD8-DD18-43BD-91BD-5E6D3CFB77D2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {CF3FE135-B1B3-484D-998A-4564AFEDFBA7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {D21325B7-E8A1-45D0-AFED-211F5223FEA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {E6DC53C2-E80A-4F61-BD13-2BA7228EFF7F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {E77FC924-86BC-4A67-8DA5-05F0B3350185} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F0A66EE3-9411-480A-9E8A-AC6B955C9FC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {F4830ECB-2621-432D-8DD8-CDE2ECAAF893} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {F8A28044-9DF3-4701-804A-8F6337405927} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {FC1B9B7D-9F6C-4F2B-A0BC-40133EBE6D84} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {FEDA3E07-44AA-4212-986C-AE1848A6331F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-02] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 08:31 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-05-07 21:38 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-07 21:38 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 09:44 - 2013-12-04 09:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-01-26 03:43 - 2012-04-25 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-04 19:23 - 2016-11-04 19:23 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:36 - 2017-03-16 18:36 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-01 14:59 - 2017-05-01 14:59 - 00190464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 43012096 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-01 14:59 - 2017-05-01 14:59 - 02451456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.14.675.0_x64__kzf8qxf38zg5c\skypert.dll
2016-05-27 15:50 - 2016-11-05 20:11 - 00401896 _____ () C:\Windows\System32\igfxTray.exe
2017-04-17 10:20 - 2017-04-13 01:50 - 00018904 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-05-03 15:42 - 2017-05-01 16:44 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-04-17 10:20 - 2017-04-13 01:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-04-17 10:20 - 2017-05-01 16:48 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-05-03 15:42 - 2017-04-13 01:44 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-04-17 10:20 - 2017-04-13 01:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-03 15:42 - 2017-04-13 01:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-17 10:20 - 2017-04-13 01:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-05-03 15:42 - 2017-04-13 01:37 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-05-03 15:42 - 2017-03-22 03:42 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-17 10:20 - 2017-05-01 16:49 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-05-03 15:42 - 2017-04-13 01:50 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-05-03 15:42 - 2017-04-13 01:50 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-02-06 09:17 - 2017-04-13 01:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-01-26 02:58 - 2013-09-04 17:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-10-21 23:51 - 2017-04-19 08:59 - 03593920 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ApplicationFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppReadiness.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSrvPolicyManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdesvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeunlock.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BitLockerDeviceEncryption.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothDesktopHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BootMenuUX.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bootux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\browserbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BthRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpusersvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\certprop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CfgSPCellular.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cloudAP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmintegrator.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ConsoleLogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CspCellularSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dab.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dafBth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataSenseHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dcntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCensus.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceEnroller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairingFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceReactivation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\discan.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Display.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dmenrollengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DMRServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\domgmt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dpapisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsregcmd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DuCsps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dui70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DWrite.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DXP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EAMProgressHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\easwrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeManagerObj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EDPCleanup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJ5000MON.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJCOINST09.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAPNCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExSMime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Family.Authentication.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ffbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhsettingsprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvenotify.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvewiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpovst11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwtiop4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwwiax5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\HttpsDataSource.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ibtproppage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IdCtrls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ImplatSetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\internetmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iphlpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ipnathlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ListSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LocationFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lpremove.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\manage-bde.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapGeocoder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MDMAppInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\microsoft-windows-system-events.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\migisol.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\modernexecserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshostcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAudDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcprx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mspaint.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssrch.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVideoDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MultiDigiMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netplwiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nettrace.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkDesktopSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkUXBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NfcRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrGidsHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngcsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nltest.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NotificationController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OnDemandConnRouteHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pnidui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs3D.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintRenderAPIHost.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintWSDAHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsmServiceExtHost.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pwrshplugin.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\qmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RADCUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rascustom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasmans.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgentc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RelPost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReportingCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\reseteng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ResetEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\resutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RjvMDMConfig.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RMapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rshx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkGuiCompLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ScDeviceEnum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdengin2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFolder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SecConfig.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\securekernel.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sendmail.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Sens.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SensorDataService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SensorService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Flights.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\skci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spaceman.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpeechPal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppnp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppwinob.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRHInproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StorSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SyncCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\systemreset.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.Handlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Tabbtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tabcal.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TabletPC.cpl:$CmdTcID [32]
AlternateDataStreams: C:\WINDOWS\system32\tapi32.dll:$CmdTcID [64]
|
|
07.05.2017, 21:27
| #11 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Addition.txt Teil 2 Code:
ATTFilter AlternateDataStreams: C:\WINDOWS\system32\taskbarcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\timedate.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmTasks.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.pcshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tzautoupdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uDWM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\umpoext.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usermgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usoapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vds.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VEStoreEventHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vmrdvcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vpnike.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VPNv2CSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wbiosrvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcmsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wc_storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werconcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wevtsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifitask.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.Desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.OneCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.HostName.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.Vpn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Shell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winspool.drv:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WlanMediaManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFolders.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersGPExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersShell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcRefreshTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcTok.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpncore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wpnprv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanconn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanmm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblGameSaveExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XboxNetApiSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AuthExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\azroleui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dnsapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dtdump.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\findnetprinters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\input.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ise_installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManagerApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppHost.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapGeocoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\migisol.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssrch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVP9DEC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxclu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ProximityCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pwrshplugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpencom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgentc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\resutils.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sendmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\systemcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tcpipcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tsmf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WPDShServiceObj.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xolehlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ahcache.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BthLEEnum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthpan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\capimg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmimcext.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\crashdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fvevol.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hidclass.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvsocket.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibtusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iorate.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ks.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\MegaSas2i.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\modem.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mskssrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\partmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdbss.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storahci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tpm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmcl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmclr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wcifs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdiWiFi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\winhvr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xboxgip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\KfZ Schäden Anika.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\KfZ Schäden Anika.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Downloads\SpotifySetup_1.0.11.134.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\kleines-Rezeptpaket-schnelle-rezepte-on-the-run.pdf:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\sharepoint.com -> hxxps://umuenster-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\...\sharepoint.com -> hxxps://umuenster-files.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-08-06 20:54 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043170\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043311\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Selvi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img9.jpg
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\Control Panel\Desktop\\Wallpaper -> C:\Users\Selvi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img9.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{C26461E9-3139-463D-A858-D618E9455F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1BA9EFFA-47BE-4265-A7EF-E4E69578A699}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2DC121A1-1287-487F-BCE6-61CF64A62940}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8BFAF11C-95EB-43A2-9EC4-F38552E0E128}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7DBD37D6-9576-42D3-9E62-47B3505A8C6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{21CCFA82-C52B-49DB-9D91-AB49D25EC881}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4020BB82-4C31-4844-8CA1-8D2EB928E89B}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4F251087-CCCE-4422-A60A-D8099B34832A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{656CD836-1500-41B6-B2BF-8589F95F5949}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{764CDA3D-52DA-4BB6-9D55-9C2F36C3FAA6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{3CFD7C84-560E-4467-9654-E7980FD10FAD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{105C79DE-E043-4DDB-9384-F8D42FE80346}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{46D6702A-A31F-4C84-AD1E-588559D559BA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{C38E2627-AE7D-4AD7-BC51-C73BDBC52988}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{58FF3BB1-9AB5-435E-9997-793E3AB0F1A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [UDP Query User{89007AA3-0868-43DB-B246-C2A0BDEF564F}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{39D79BAC-0637-4A93-9563-3DCB3F76BB94}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{73D1A40B-3492-4A0F-AEB0-86F20BA38EDF}] => (Allow) LPort=5353
FirewallRules: [{F1A0269C-BB46-4BDD-B5AF-AEAB38865041}] => (Allow) LPort=9322
FirewallRules: [{EA2DEC50-059D-4112-8093-4CB0B4DC7711}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{C7E64231-E5F7-4936-8228-DC1C80EAE0A4}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{9618F554-ED0C-43B6-973A-FF42A26405A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{55387B8A-6E86-4A45-9BE1-B75AB30CB580}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{A7E62EB4-A4C3-43DB-8DDA-1A4611CCFA62}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{1E74D4B0-E097-46FE-BEED-A9955B7AE3BF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{94169512-6385-420D-868E-8F38DA334497}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{6BA3CD82-A010-45D7-95A3-363068D053AC}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{D2571A98-E903-4911-8EFF-F68F4B37AEC7}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{FBEFD6CB-96CD-41F9-9468-A54BE50D5B4D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5A35CBCA-930C-4E45-8333-5B53D1916ED6}] => (Allow) LPort=5353
FirewallRules: [{6793377C-DE0C-4449-906B-8F570FB8B037}] => (Allow) LPort=9322
FirewallRules: [{077F5A76-0634-40F2-B529-D889624E404A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{336E698C-7EDF-4435-B18F-B4D0349F9ACC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{592286F8-6891-4B24-A4A3-FE8D6C83E9AA}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{5A2EB6A4-2117-4340-B7B4-C19032C0B8DC}] => (Allow) LPort=55100
FirewallRules: [{7A5892AC-2593-4E48-9FC5-40A6068339CF}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{97FE75DA-50B1-4E57-8259-DDD23B48E73E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{1D344ED5-2EFA-46D3-82E3-2F54A8857377}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AAD6D337-AD5C-413D-A1BE-2C66C8975F78}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8ADE6E87-42CF-47FD-B2EC-81114D3148CB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{4BFA0D74-22CE-4038-B734-698C2C3EE22C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FF2B0067-2D8B-4171-BF77-D017D912F78E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4ACCB284-6D0F-4F77-A983-9525B465FA22}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{1D227BCA-0DF6-4FFA-85FB-9F7503A7C1A5}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A3865932-FB93-4B84-9AB8-0EEAD0E6AEE4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D6D9F9BB-EF5E-4BF9-B7A9-D720F3D023D6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1C96F01A-35A4-43B6-9392-99E6D0EF9BFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69DFCBDB-72C3-424A-8F23-5ABF1A096C5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC8C2ECF-C554-465B-B656-687630E78ABD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E11E6FFC-EC65-4832-8CC8-1F5C072CF6EC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
24-04-2017 17:53:37 Windows Update
02-05-2017 15:16:00 Windows Update
05-05-2017 17:26:07 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/07/2017 10:12:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (05/07/2017 10:10:33 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (05/07/2017 10:13:52 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/07/2017 10:10:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 10:09:41 PM) (Source: DCOM) (EventID: 10010) (User: SELVI-PC)
Description: Der Server "CortanaUI.AppX1g2fzdjyfpzhgqwsaajfp6hm53qh64kg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/07/2017 10:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 09:36:32 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/07/2017 09:33:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 09:32:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 09:30:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 09:29:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/07/2017 09:26:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-05-07 22:10:46.813
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:39.651
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:39.636
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:35.388
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:35.435
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:27.809
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:27.798
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:25.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 17:50:37.963
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 17:50:32.937
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 4019.27 MB
Verfügbarer physikalischer RAM: 1558.89 MB
Summe virtueller Speicher: 4723.27 MB
Verfügbarer virtueller Speicher: 1653.47 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:424.25 GB) (Free:357.89 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.39 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0DC5A29F)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
08.05.2017, 13:29
| #12 |
| /// TB-Ausbilder | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Servus, wir entfernen noch ein bisschen was und kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Schritt 4
Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
09.05.2017, 17:25
| #13 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Hallo, hier die Logdatei des FRST-Fix Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Selvi (09-05-2017 17:30:03) Run:1
Gestartet von C:\Users\Selvi\Desktop
Geladene Profile: Selvi & (Verfügbare Profile: Selvi)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
FF SearchPlugin: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\searchplugins\AdTrustMediaGeekbuddy.xml [2016-10-29]
Task: {0C5B71D1-BE52-48D7-9641-C3B18298ACF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3F63CB59-A13C-4DAC-BF99-6DA6DFC2773A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {515B696F-7CAB-477A-8C11-79A224B55FCC} - \WPD\SqmUpload_S-1-5-21-453909624-3209935802-3352585122-1001 -> Keine Datei <==== ACHTUNG
Task: {5F191795-AC39-41EE-80A8-AA8AB5363A9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {6C9BF9A8-40EE-44E0-9E4D-5A8628A2E6DF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {966D3805-9DB1-4C65-9C80-5ACB4ACA0120} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {A6B795F3-CC09-43FF-9D5A-957D2C48E6F4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B476C716-D342-4477-B06C-6D0CEFC8C12B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {CF3FE135-B1B3-484D-998A-4564AFEDFBA7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E77FC924-86BC-4A67-8DA5-05F0B3350185} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F8A28044-9DF3-4701-804A-8F6337405927} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\searchplugins\AdTrustMediaGeekbuddy.xml => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C5B71D1-BE52-48D7-9641-C3B18298ACF5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C5B71D1-BE52-48D7-9641-C3B18298ACF5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F63CB59-A13C-4DAC-BF99-6DA6DFC2773A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F63CB59-A13C-4DAC-BF99-6DA6DFC2773A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{515B696F-7CAB-477A-8C11-79A224B55FCC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{515B696F-7CAB-477A-8C11-79A224B55FCC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-453909624-3209935802-3352585122-1001 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F191795-AC39-41EE-80A8-AA8AB5363A9A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F191795-AC39-41EE-80A8-AA8AB5363A9A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C9BF9A8-40EE-44E0-9E4D-5A8628A2E6DF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C9BF9A8-40EE-44E0-9E4D-5A8628A2E6DF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{966D3805-9DB1-4C65-9C80-5ACB4ACA0120} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{966D3805-9DB1-4C65-9C80-5ACB4ACA0120} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6B795F3-CC09-43FF-9D5A-957D2C48E6F4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B795F3-CC09-43FF-9D5A-957D2C48E6F4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B476C716-D342-4477-B06C-6D0CEFC8C12B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B476C716-D342-4477-B06C-6D0CEFC8C12B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF3FE135-B1B3-484D-998A-4564AFEDFBA7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF3FE135-B1B3-484D-998A-4564AFEDFBA7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E77FC924-86BC-4A67-8DA5-05F0B3350185} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E77FC924-86BC-4A67-8DA5-05F0B3350185} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8A28044-9DF3-4701-804A-8F6337405927} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8A28044-9DF3-4701-804A-8F6337405927} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
========= dir "%ProgramFiles%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Program Files
07.05.2017 21:37 <DIR> .
07.05.2017 21:37 <DIR> ..
26.01.2015 03:48 <DIR> Adobe Photo
06.06.2015 21:29 <DIR> Classic Shell
04.11.2016 19:44 <DIR> Common Files
11.12.2016 16:44 <DIR> COMODO
26.01.2015 03:42 <DIR> CyberLink
26.01.2015 03:48 <DIR> DIFX
09.09.2015 21:05 <DIR> Dolby Digital Plus
01.03.2016 17:48 <DIR> FileOpen
26.01.2015 03:38 <DIR> Google Play Music
26.01.2015 03:38 <DIR> Hightail
04.11.2016 19:44 <DIR> Intel
21.03.2017 18:59 <DIR> Internet Explorer
09.09.2015 21:00 <DIR> lenovo
26.01.2015 03:46 <DIR> Lenovo PhotoMasterImport
07.05.2017 21:37 <DIR> Malwarebytes
06.08.2015 20:51 <DIR> mcafee
26.01.2015 03:40 <DIR> mcafee.com
20.06.2016 16:21 <DIR> Microsoft Office 15
04.11.2016 19:02 <DIR> MSBuild
04.11.2015 19:32 <DIR> PDFCreator
04.11.2016 19:36 <DIR> Realtek
04.11.2016 19:02 <DIR> Reference Assemblies
04.11.2016 19:37 <DIR> Synaptics
13.04.2017 08:56 <DIR> Windows Defender
21.03.2017 18:59 <DIR> Windows Mail
05.11.2016 21:31 <DIR> Windows Media Player
16.07.2016 13:47 <DIR> Windows Multimedia Platform
04.11.2016 20:12 <DIR> Windows NT
13.04.2017 08:56 <DIR> Windows Photo Viewer
16.07.2016 13:47 <DIR> Windows Portable Devices
16.07.2016 13:47 <DIR> WindowsPowerShell
0 Datei(en), 0 Bytes
33 Verzeichnis(se), 383.904.296.960 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Program Files (x86)
07.05.2017 21:32 <DIR> .
07.05.2017 21:32 <DIR> ..
17.06.2015 11:02 <DIR> Adobe
24.10.2015 15:28 <DIR> Anki
06.11.2016 14:17 <DIR> bin
26.01.2015 03:00 <DIR> Cisco
19.04.2017 09:03 <DIR> Common Files
07.12.2016 21:57 <DIR> Comodo
26.01.2015 03:42 <DIR> Cyberlink
06.11.2016 14:19 <DIR> dict
03.05.2017 15:42 <DIR> Dropbox
14.05.2016 14:16 <DIR> Free PDF to Word Doc Converter
26.01.2015 03:38 <DIR> Hightail
06.11.2016 14:19 <DIR> hilfe
18.09.2016 19:45 <DIR> images
09.09.2015 21:00 <DIR> Intel
21.03.2017 18:59 <DIR> Internet Explorer
14.04.2016 11:15 <DIR> Kodak
09.09.2015 21:00 <DIR> Lenovo
13.10.2016 15:55 285.510 lizenzvertrag.pdf
26.01.2015 03:39 <DIR> Maxthon
06.08.2015 20:51 <DIR> McAfee
26.01.2015 03:40 <DIR> mcafee.com
19.04.2017 09:01 <DIR> Microsoft Office
04.11.2016 19:45 <DIR> Microsoft.NET
07.05.2017 17:50 <DIR> Mozilla Firefox
07.05.2017 17:50 <DIR> Mozilla Maintenance Service
04.11.2016 19:02 <DIR> MSBuild
26.01.2015 03:44 <DIR> New Folder
26.01.2015 03:37 <DIR> Nitro
20.07.2015 17:38 <DIR> PrintProjects
26.01.2015 03:11 <DIR> Realtek
04.11.2016 19:02 <DIR> Reference Assemblies
17.04.2016 14:53 <DIR> Skype
13.04.2017 08:56 <DIR> Windows Defender
21.03.2017 18:59 <DIR> Windows Mail
05.11.2016 21:31 <DIR> Windows Media Player
16.07.2016 13:47 <DIR> Windows Multimedia Platform
16.07.2016 13:47 <DIR> Windows NT
13.04.2017 08:56 <DIR> Windows Photo Viewer
16.07.2016 13:47 <DIR> Windows Portable Devices
16.07.2016 13:47 <DIR> WindowsPowerShell
1 Datei(en), 285.510 Bytes
41 Verzeichnis(se), 383.904.227.328 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramData%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\ProgramData
17.06.2015 11:04 <DIR> Adobe
16.07.2016 13:47 <DIR> Comms
31.03.2017 16:43 <DIR> Comodo
06.06.2015 20:43 <DIR> CyberLink
26.01.2015 03:47 <DIR> Downloaded Installations
11.06.2015 11:02 <DIR> Dropbox
06.11.2016 14:19 <DIR> elsterformular
12.09.2015 00:12 <DIR> Energy Manager
01.03.2016 17:48 <DIR> FileOpen
06.06.2015 20:34 <DIR> HP
26.01.2015 03:46 <DIR> install_clap
26.01.2015 03:14 <DIR> Intel
26.01.2015 03:00 <DIR> Intel.sav
08.05.2017 18:48 <DIR> Kodak
09.09.2015 21:00 <DIR> Lenovo
07.05.2017 21:37 <DIR> Malwarebytes
16.06.2016 13:43 <DIR> McAfee
04.11.2016 21:09 <DIR> Microsoft OneDrive
07.06.2015 11:10 <DIR> Mozilla
26.01.2015 03:37 <DIR> Nitro
26.01.2015 03:47 <DIR> OneKey Recovery
26.01.2015 03:45 <DIR> Package Cache
04.11.2015 19:21 <DIR> PDF Architect 4
20.07.2015 17:38 <DIR> PrintProjects
19.04.2017 09:03 <DIR> regid.1991-06.com.microsoft
26.01.2015 03:00 <DIR> Roaming
06.08.2015 20:47 <DIR> Shared Space
17.04.2016 14:53 <DIR> Skype
16.07.2016 13:47 <DIR> SoftwareDistribution
26.01.2015 03:47 <DIR> Temp
04.11.2016 20:12 <DIR> USOPrivate
04.11.2016 20:12 <DIR> USOShared
20.07.2015 17:38 <DIR> Visan
0 Datei(en), 0 Bytes
33 Verzeichnis(se), 383.904.174.080 Bytes frei
========= Ende von CMD: =========
========= dir "%Appdata%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Users\Selvi\AppData\Roaming
04.11.2016 19:43 <DIR> .
04.11.2016 19:43 <DIR> ..
07.02.2017 12:35 <DIR> Adobe
06.06.2015 21:29 <DIR> ClassicShell
11.06.2015 11:04 <DIR> Dropbox
18.09.2016 19:45 <DIR> elsterformular
01.03.2016 17:48 <DIR> FileOpen
07.06.2015 11:24 <DIR> Hightail for Lenovo
08.06.2015 20:50 <DIR> Identities
06.06.2015 20:28 <DIR> Intel
06.06.2015 20:30 <DIR> Macromedia
21.12.2015 19:35 <DIR> Maxthon3
07.06.2015 11:11 <DIR> Mozilla
11.06.2015 14:29 <DIR> Nitro
09.05.2017 10:42 <DIR> Nitro PDF
07.06.2015 11:45 <DIR> OpenOffice
04.11.2015 19:31 <DIR> PDF Architect 4
12.06.2016 18:20 <DIR> Skype
04.05.2017 12:06 <DIR> Spotify
20.07.2015 17:30 <DIR> Temp
0 Datei(en), 0 Bytes
20 Verzeichnis(se), 383.904.096.256 Bytes frei
========= Ende von CMD: =========
========= dir "%LocalAppdata%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Users\Selvi\AppData\Local
09.05.2017 17:25 <DIR> .
09.05.2017 17:25 <DIR> ..
04.02.2016 14:58 <DIR> ActiveSync
21.07.2015 22:34 <DIR> Adobe
14.08.2015 22:22 <DIR> CEF
12.04.2017 08:34 <DIR> ClassicShell
14.04.2016 10:34 16.084 clear.log
05.11.2015 23:23 <DIR> Comms
06.08.2015 20:46 <DIR> Comodo
05.11.2016 01:41 <DIR> ConnectedDevicesPlatform
11.09.2015 11:09 <DIR> CrashDumps
06.06.2015 20:43 <DIR> CyberLink
10.04.2017 17:11 <DIR> Diagnostics
14.05.2016 14:15 <DIR> Downloaded Installations
11.03.2017 11:07 <DIR> Dropbox
20.07.2015 17:35 <DIR> Eastman Kodak Company
14.04.2016 11:19 <DIR> Eastman_Kodak_Company
01.03.2017 15:11 <DIR> ElevatedDiagnostics
15.06.2015 13:33 <DIR> GWX
06.06.2015 22:00 <DIR> Intel_Corporation
14.04.2016 11:41 236 LaunchHomeCenter.log
06.06.2015 20:35 <DIR> Lenovo
21.07.2015 22:34 <DIR> Macromedia
04.11.2016 21:16 <DIR> Microsoft
07.08.2015 10:23 <DIR> Microsoft Help
28.12.2015 15:36 <DIR> MicrosoftEdge
07.06.2015 11:11 <DIR> Mozilla
09.05.2017 10:43 <DIR> Packages
04.11.2015 19:18 <DIR> Programs
09.09.2015 23:32 <DIR> Publishers
04.05.2017 12:06 <DIR> Spotify
09.05.2017 17:29 <DIR> Temp
15.04.2016 15:26 <DIR> TempTaskUpdateDetection69DAD50F-66E1-48E8-B42E-41D4D7BBEB8F
09.09.2015 23:30 <DIR> TileDataLayer
04.11.2015 19:08 <DIR> VirtualStore
18.12.2015 19:58 0 {A0359E3F-99E8-48D5-A237-82810DA8B900}
18.12.2015 20:04 0 {BB34A00B-2C5B-4C00-9298-0DE81EC8170A}
21.12.2015 18:49 0 {EF70DC41-1585-486E-BFB5-C6A6B2553D3B}
5 Datei(en), 16.320 Bytes
33 Verzeichnis(se), 383.904.018.432 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Program Files (x86)\Common Files
19.04.2017 09:03 <DIR> .
19.04.2017 09:03 <DIR> ..
17.06.2015 11:02 <DIR> Adobe
07.05.2017 22:09 <DIR> COMODO
19.04.2017 09:03 <DIR> DESIGNER
26.01.2015 03:10 <DIR> InstallShield
04.11.2016 19:37 <DIR> Intel
26.01.2015 02:58 <DIR> Intel Corporation
26.01.2015 03:39 <DIR> LENOVO
26.01.2015 03:40 <DIR> McAfee
19.04.2017 09:03 <DIR> Microsoft Shared
26.01.2015 03:46 <DIR> Nikon
26.01.2015 03:37 <DIR> Nitro
26.01.2015 02:58 <DIR> postureAgent
16.07.2016 13:47 <DIR> Services
17.04.2016 14:53 <DIR> Skype
17.07.2016 00:50 <DIR> System
0 Datei(en), 0 Bytes
17 Verzeichnis(se), 383.903.895.552 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Program Files\Common Files
04.11.2016 19:44 <DIR> .
04.11.2016 19:44 <DIR> ..
26.01.2015 03:00 <DIR> Intel
06.08.2015 20:51 <DIR> McAfee
04.11.2016 19:44 <DIR> microsoft shared
26.01.2015 03:37 <DIR> Nitro
16.07.2016 13:47 <DIR> Services
17.07.2016 00:50 <DIR> System
0 Datei(en), 0 Bytes
8 Verzeichnis(se), 383.903.817.728 Bytes frei
========= Ende von CMD: =========
========= dir "%UserProfile%" =========
Datentr„ger in Laufwerk C: ist Windows8_OS
Volumeseriennummer: 940E-59A8
Verzeichnis von C:\Users\Selvi
13.04.2017 09:15 <DIR> .
13.04.2017 09:15 <DIR> ..
05.11.2015 23:47 <DIR> .android
10.09.2015 11:32 <DIR> 3D Objects
13.04.2017 09:16 <DIR> Contacts
09.05.2017 17:30 <DIR> Desktop
13.04.2017 09:16 <DIR> Documents
13.04.2017 09:16 <DIR> Downloads
03.05.2017 15:42 <DIR> Dropbox
13.04.2017 09:16 <DIR> Favorites
13.04.2017 09:16 <DIR> Links
13.04.2017 09:16 <DIR> Music
18.04.2017 10:39 <DIR> OneDrive
13.04.2017 09:16 <DIR> Pictures
26.01.2015 03:00 <DIR> Roaming
13.04.2017 09:16 <DIR> Saved Games
13.04.2017 09:16 <DIR> Searches
17.01.2016 14:15 <DIR> Tracing
13.04.2017 09:16 <DIR> Videos
0 Datei(en), 0 Bytes
19 Verzeichnis(se), 383.903.756.288 Bytes frei
========= Ende von CMD: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-453909624-3209935802-3352585122-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05072017221043482\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 35992 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 529261958 B
Java, Flash, Steam htmlcache => 4346 B
Windows/system/drivers => 122478571 B
Edge => 20480 B
Chrome => 0 B
Firefox => 382974610 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 7704832 B
LocalService => 0 B
NetworkService => 12576348 B
Selvi => 1144995007 B
RecycleBin => 446600273 B
EmptyTemp: => 2.5 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 17:33:35 ====
Code:
ATTFilter
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0c3c013d33aed1468d69d7353004c5f6
# end=init
# utc_time=2017-05-09 03:49:13
# local_time=2017-05-09 05:49:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 33325
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0c3c013d33aed1468d69d7353004c5f6
# end=updated
# utc_time=2017-05-09 03:53:03
# local_time=2017-05-09 05:53:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0c3c013d33aed1468d69d7353004c5f6
# engine=33325
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-09 04:11:53
# local_time=2017-05-09 06:11:53 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 1834 25676927 0 0
# scanned=55019
# found=0
# cleaned=0
# scan_time=1128
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017
durchgeführt von Selvi (Administrator) auf SELVI-PC (09-05-2017 18:21:11)
Gestartet von C:\Users\Selvi\Desktop
Geladene Profile: Selvi (Verfügbare Profile: Selvi)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-19] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [401896 2016-11-05] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [164112 2015-05-16] (IvoSoft)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1487552 2017-04-23] (COMODO)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1566200 2016-03-01] (FileOpen Systems Inc.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-09-09] (Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-03-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28432392 2017-05-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-31] (COMODO)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\WINDOWS\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2045440 2016-07-07] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-05-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2015-01-26]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 128.176.0.28 128.176.0.30
Tcpip\..\Interfaces\{daa1c4ef-0097-428d-8227-ae1d84ec2e63}: [DhcpNameServer] 128.176.0.28 128.176.0.30
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.netflix.de/
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-04-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-04-02] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: vwrlke5b.default
FF ProfilePath: C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default [2017-05-09]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\vwrlke5b.default -> Ecosia
FF Homepage: Mozilla\Firefox\Profiles\vwrlke5b.default -> hxxps://www.ecosia.org/
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2016-10-14]
FF Extension: (Adblock Plus) - C:\Users\Selvi\AppData\Roaming\Mozilla\Firefox\Profiles\vwrlke5b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-11-02] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-04-02] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2304184 2016-04-11] (Comodo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294920 2017-04-03] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-17] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [48944 2017-05-01] (Dropbox, Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [380920 2016-03-01] (FileOpen Systems Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-05] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-31] (COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-03] (Maxthon)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [161072 2013-08-07] (PointGrab LTD)
S4 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [345408 2013-08-07] (PointGrab LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-09-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2015-08-07] (Windows (R) Win 7 DDK provider)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-06-08] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-03-22] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-02-02] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 INETMON; C:\WINDOWS\System32\Drivers\INETMON.sys [29088 2013-08-13] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129200 2017-03-31] (COMODO)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-05-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-09] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-09] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
R0 mfedisk; C:\WINDOWS\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2016-07-16] (Intel Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-06-08] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-09 17:38 - 2017-05-09 17:47 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-09 17:38 - 2017-05-09 17:38 - 11583584 _____ (SurfRight B.V.) C:\Users\Selvi\Desktop\HitmanPro_x64.exe
2017-05-09 17:30 - 2017-05-09 17:33 - 00022528 _____ C:\Users\Selvi\Desktop\Fixlog.txt
2017-05-07 22:19 - 2017-05-09 17:29 - 00000000 ____D C:\Users\Selvi\Desktop\FRST-OlderVersion
2017-05-07 22:15 - 2017-05-07 22:15 - 00002508 _____ C:\Users\Selvi\Desktop\mbam.txt
2017-05-07 21:38 - 2017-05-09 17:38 - 00092096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-07 21:38 - 2017-05-09 17:34 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-07 21:38 - 2017-05-09 17:34 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-07 21:38 - 2017-05-09 17:34 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-07 21:38 - 2017-05-07 21:38 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-07 21:38 - 2017-05-07 21:38 - 00001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-07 21:38 - 2017-05-07 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-07 21:38 - 2017-03-22 11:02 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-07 21:37 - 2017-05-07 21:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-07 21:37 - 2017-05-07 21:37 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-07 21:35 - 2017-05-07 21:37 - 60107896 _____ (Malwarebytes ) C:\Users\Selvi\Desktop\mb3-setup-consumer-3.0.6.1469-10103.exe
2017-05-07 21:32 - 2017-05-07 21:32 - 00566128 _____ (Malwarebytes) C:\Users\Selvi\Desktop\mbam-clean-2.3.0.1001(1).exe
2017-05-07 21:29 - 2017-05-07 21:29 - 00005384 _____ C:\Users\Selvi\Desktop\AdwCleaner[C0].txt
2017-05-07 17:44 - 2017-05-07 17:48 - 00000000 ____D C:\AdwCleaner
2017-05-07 17:44 - 2017-05-07 17:44 - 04102600 _____ C:\Users\Selvi\Desktop\AdwCleaner_6.046.exe
2017-05-07 17:23 - 2017-05-07 17:23 - 00072162 _____ C:\Users\Selvi\Desktop\business-visa-form.pdf
2017-05-05 22:54 - 2017-05-05 22:55 - 00281134 _____ C:\TDSSKiller.3.1.0.15_05.05.2017_22.54.03_log.txt
2017-05-05 22:53 - 2017-05-05 22:53 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Selvi\Desktop\tdsskiller.exe
2017-05-05 18:35 - 2017-05-07 22:22 - 00128017 _____ C:\Users\Selvi\Desktop\Addition.txt
2017-05-05 18:33 - 2017-05-09 18:22 - 00026672 _____ C:\Users\Selvi\Desktop\FRST.txt
2017-05-05 18:32 - 2017-05-09 18:21 - 00000000 ____D C:\FRST
2017-05-05 18:32 - 2017-05-09 17:29 - 02429440 _____ (Farbar) C:\Users\Selvi\Desktop\FRST64.exe
2017-05-03 15:42 - 2017-05-03 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-01 16:49 - 2017-05-01 16:49 - 00048944 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-04-25 17:37 - 2017-05-07 17:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-12 17:18 - 2017-03-28 08:05 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 17:18 - 2017-03-28 08:04 - 02262776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 17:18 - 2017-03-28 07:59 - 06667520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-04-12 17:18 - 2017-03-28 07:58 - 00961192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 17:18 - 2017-03-28 07:53 - 01414728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-04-12 17:18 - 2017-03-28 07:24 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-04-12 17:18 - 2017-03-28 07:20 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-04-12 17:18 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 17:18 - 2017-03-28 07:11 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-04-12 17:18 - 2017-03-28 07:11 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-04-12 17:17 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 17:17 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:29 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:28 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 17:17 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 17:17 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-04-12 17:17 - 2017-03-28 08:19 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 17:17 - 2017-03-28 08:18 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 17:17 - 2017-03-28 08:15 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-04-12 17:17 - 2017-03-28 08:10 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 17:17 - 2017-03-28 08:10 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2017-04-12 17:17 - 2017-03-28 08:07 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-04-12 17:17 - 2017-03-28 08:06 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 22221368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 08168512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-04-12 17:17 - 2017-03-28 08:05 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-04-12 17:17 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-04-12 17:17 - 2017-03-28 08:04 - 00116568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-04-12 17:17 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-04-12 17:17 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-04-12 17:17 - 2017-03-28 07:58 - 01851688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-04-12 17:17 - 2017-03-28 07:58 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 17:17 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 17:17 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-04-12 17:17 - 2017-03-28 07:48 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-04-12 17:17 - 2017-03-28 07:41 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2017-04-12 17:17 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-04-12 17:17 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 17:17 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 17:17 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-04-12 17:17 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 17:17 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:17 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys
2017-04-12 17:17 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-04-12 17:17 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-04-12 17:17 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-04-12 17:17 - 2017-03-28 07:34 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-04-12 17:17 - 2017-03-28 07:33 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-04-12 17:17 - 2017-03-28 07:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:32 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-04-12 17:17 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-04-12 17:17 - 2017-03-28 07:30 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-04-12 17:17 - 2017-03-28 07:29 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-04-12 17:17 - 2017-03-28 07:28 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-04-12 17:17 - 2017-03-28 07:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-04-12 17:17 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-04-12 17:17 - 2017-03-28 07:25 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-04-12 17:17 - 2017-03-28 07:25 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-04-12 17:17 - 2017-03-28 07:24 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-04-12 17:17 - 2017-03-28 07:24 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-04-12 17:17 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-04-12 17:17 - 2017-03-28 07:21 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-04-12 17:17 - 2017-03-28 07:19 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 17:17 - 2017-03-28 07:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-04-12 17:17 - 2017-03-28 07:17 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-04-12 17:17 - 2017-03-28 07:16 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-04-12 17:17 - 2017-03-28 07:15 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-04-12 17:17 - 2017-03-28 07:15 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:14 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-04-12 17:17 - 2017-03-28 07:14 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-04-12 17:17 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-04-12 17:17 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-04-12 17:17 - 2017-03-28 07:12 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-04-12 17:17 - 2017-03-28 07:11 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-04-12 17:17 - 2017-03-28 07:10 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-04-12 17:17 - 2017-03-28 07:09 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-04-12 17:17 - 2017-03-28 07:09 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-04-12 17:17 - 2017-03-28 07:06 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-04-12 17:17 - 2017-03-28 06:48 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 17:17 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-04-12 17:16 - 2017-03-28 08:28 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-04-12 17:16 - 2017-03-28 08:26 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 17:16 - 2017-03-28 08:12 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 02187616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 17:16 - 2017-03-28 08:11 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 17:16 - 2017-03-28 08:11 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 17:16 - 2017-03-28 08:10 - 02758648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 17:16 - 2017-03-28 08:10 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 01276760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-04-12 17:16 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-04-12 17:16 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 17:16 - 2017-03-28 07:41 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-04-12 17:16 - 2017-03-28 07:38 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-04-12 17:16 - 2017-03-28 07:36 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-04-12 17:16 - 2017-03-28 07:35 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-04-12 17:16 - 2017-03-28 07:34 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 17:16 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-04-12 17:16 - 2017-03-28 07:32 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-04-12 17:16 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-04-12 17:16 - 2017-03-28 07:31 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-04-12 17:16 - 2017-03-28 07:29 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-04-12 17:16 - 2017-03-28 07:29 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-04-12 17:16 - 2017-03-28 07:28 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:27 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-04-12 17:16 - 2017-03-28 07:26 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-04-12 17:16 - 2017-03-28 07:25 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-04-12 17:16 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 17:16 - 2017-03-28 07:23 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-04-12 17:16 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-04-12 17:16 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 12181504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 17:16 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 13087232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 17:16 - 2017-03-28 07:17 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-04-12 17:16 - 2017-03-28 07:15 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 08126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-04-12 17:16 - 2017-03-28 07:14 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-04-12 17:16 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 06045184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:13 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 17:16 - 2017-03-28 07:13 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-04-12 17:16 - 2017-03-28 07:12 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 17:16 - 2017-03-28 07:12 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-04-12 17:16 - 2017-03-28 07:10 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-04-12 17:16 - 2017-03-28 07:09 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-04-12 17:16 - 2017-03-28 07:09 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 03612672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 17:16 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 17:16 - 2017-03-28 07:06 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-04-12 17:16 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 17:16 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-04-12 17:15 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-04-12 17:15 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 17:15 - 2017-03-28 08:20 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-04-12 17:15 - 2017-03-28 08:10 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-04-12 17:15 - 2017-03-28 08:09 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-04-12 17:15 - 2017-03-28 08:08 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-04-12 17:15 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-04-12 17:15 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-04-12 17:15 - 2017-03-28 08:04 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 17:15 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-04-12 17:15 - 2017-03-28 07:44 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-04-12 17:15 - 2017-03-28 07:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 17:15 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-04-12 17:15 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 17:15 - 2017-03-28 07:34 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-04-12 17:15 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-04-12 17:15 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-04-12 17:15 - 2017-03-28 07:32 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-04-12 17:15 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-04-12 17:15 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 17:15 - 2017-03-28 07:29 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-04-12 17:15 - 2017-03-28 07:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-04-12 17:15 - 2017-03-28 07:27 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-04-12 17:15 - 2017-03-28 07:26 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-04-12 17:15 - 2017-03-28 07:25 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 17:15 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-04-12 17:15 - 2017-03-28 07:23 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-04-12 17:15 - 2017-03-28 07:19 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-04-12 17:15 - 2017-03-28 07:17 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-04-12 17:15 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 17:15 - 2017-03-28 07:15 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-04-12 17:15 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-04-12 17:15 - 2017-03-28 07:13 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-04-12 17:15 - 2017-03-28 07:12 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-04-12 17:15 - 2017-03-28 07:11 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 17:15 - 2017-03-28 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-04-12 17:15 - 2017-03-28 07:09 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-04-12 17:15 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-04-12 17:15 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-04-12 17:15 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-04-12 11:52 - 2017-04-25 17:35 - 00002256 _____ C:\Users\Public\Desktop\COMODO Firewall 10.lnk
2017-04-12 08:31 - 2017-04-23 00:28 - 00230592 _____ (COMODO) C:\WINDOWS\system32\cmdshim64.dll
2017-04-12 08:31 - 2017-04-23 00:26 - 00194752 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdshim32.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-05-09 17:43 - 2016-11-04 19:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-09 17:36 - 2016-12-02 19:05 - 00000000 ____D C:\Users\Selvi\AppData\LocalLow\Mozilla
2017-05-09 17:35 - 2016-11-04 19:37 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-09 17:35 - 2015-09-09 23:33 - 00000000 __SHD C:\Users\Selvi\IntelGraphicsProfiles
2017-05-09 17:34 - 2016-11-04 20:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-09 17:34 - 2015-06-17 21:52 - 00000000 ____D C:\ProgramData\Kodak
2017-05-09 17:33 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-09 17:32 - 2015-06-06 20:28 - 00000000 ____D C:\Users\Selvi\AppData\Local\Packages
2017-05-09 17:28 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-09 17:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-09 17:27 - 2015-11-05 23:37 - 00000000 ____D C:\Users\Selvi\Documents\Outlook-Dateien
2017-05-09 10:42 - 2015-07-20 17:31 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Nitro PDF
2017-05-08 19:17 - 2017-03-01 17:08 - 00011400 _____ C:\Users\Selvi\Desktop\Lernplan.xlsx
2017-05-07 22:28 - 2015-08-18 12:22 - 00000000 ____D C:\Users\Selvi\Desktop\Ref
2017-05-07 22:09 - 2016-11-04 20:07 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-07 17:54 - 2016-07-17 00:51 - 01406972 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-07 17:54 - 2016-07-17 00:51 - 00361338 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-07 17:54 - 2015-09-09 21:12 - 02979870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:50 - 2015-06-07 11:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-05 18:36 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-05 17:27 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-05 17:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-04 12:11 - 2017-03-28 08:48 - 00000000 ____D C:\Users\Selvi\Desktop\Unterlagen Daniel
2017-05-04 12:06 - 2015-08-14 22:22 - 00000000 ____D C:\Users\Selvi\AppData\Local\Spotify
2017-05-04 12:06 - 2015-08-14 22:21 - 00000000 ____D C:\Users\Selvi\AppData\Roaming\Spotify
2017-05-03 15:42 - 2015-06-11 11:05 - 00000000 ___RD C:\Users\Selvi\Dropbox
2017-05-03 15:42 - 2015-06-11 11:02 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-26 22:04 - 2015-08-10 15:27 - 00007926 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-04-23 00:31 - 2015-04-01 18:48 - 00051808 _____ (COMODO) C:\WINDOWS\system32\cmdcsr.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00942792 _____ (COMODO) C:\WINDOWS\system32\guard64.dll
2017-04-23 00:30 - 2015-04-01 18:48 - 00733456 _____ (COMODO) C:\WINDOWS\SysWOW64\guard32.dll
2017-04-23 00:28 - 2015-04-01 18:47 - 00457408 _____ (COMODO) C:\WINDOWS\system32\cmdvrt64.dll
2017-04-23 00:26 - 2015-04-01 18:45 - 00363200 _____ (COMODO) C:\WINDOWS\SysWOW64\cmdvrt32.dll
2017-04-22 19:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-04-19 11:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-04-19 09:03 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-04-19 09:01 - 2015-01-26 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-04-18 10:40 - 2016-12-18 19:35 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-18 10:39 - 2015-09-09 23:36 - 00002433 _____ C:\Users\Selvi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-18 10:39 - 2015-06-06 20:34 - 00000000 __RDO C:\Users\Selvi\OneDrive
2017-04-13 22:12 - 2015-06-17 11:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-13 09:16 - 2015-06-07 03:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-13 09:15 - 2016-11-04 19:41 - 00000000 ____D C:\Users\Selvi
2017-04-13 09:00 - 2016-11-04 19:31 - 00355608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-13 08:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-13 08:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-04-12 23:16 - 2015-06-08 00:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-12 23:11 - 2015-06-08 00:05 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-12 08:36 - 2016-11-04 20:07 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-04-12 08:34 - 2015-06-06 21:29 - 00000000 ____D C:\Users\Selvi\AppData\Local\ClassicShell
2017-04-12 08:31 - 2016-11-04 20:08 - 00003140 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-09-18 19:45 - 2016-10-13 15:55 - 0285510 _____ () C:\Program Files (x86)\lizenzvertrag.pdf
2016-04-14 10:33 - 2016-04-14 10:34 - 0016084 _____ () C:\Users\Selvi\AppData\Local\clear.log
2016-04-14 11:41 - 2016-04-14 11:41 - 0000236 _____ () C:\Users\Selvi\AppData\Local\LaunchHomeCenter.log
2015-12-18 19:58 - 2015-12-18 19:58 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{A0359E3F-99E8-48D5-A237-82810DA8B900}
2015-12-18 20:04 - 2015-12-18 20:04 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{BB34A00B-2C5B-4C00-9298-0DE81EC8170A}
2015-12-21 18:49 - 2015-12-21 18:49 - 0000000 _____ () C:\Users\Selvi\AppData\Local\{EF70DC41-1585-486E-BFB5-C6A6B2553D3B}
2016-11-04 19:36 - 2016-11-04 19:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-04 14:08
==================== Ende von FRST.txt ============================
|
|
09.05.2017, 17:26
| #14 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Logdatei Addition.txt Teil 1 Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017
durchgeführt von Selvi (09-05-2017 18:22:50)
Gestartet von C:\Users\Selvi\Desktop
Windows 10 Home Version 1607 (X64) (2016-11-04 18:13:02)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-453909624-3209935802-3352585122-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-453909624-3209935802-3352585122-503 - Limited - Disabled)
Gast (S-1-5-21-453909624-3209935802-3352585122-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-453909624-3209935802-3352585122-1003 - Limited - Enabled)
Selvi (S-1-5-21-453909624-3209935802-3352585122-1001 - Administrator - Enabled) => C:\Users\Selvi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version: - )
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Chromodo (HKLM-x32\...\Chromodo) (Version: 48.12.18.254 - Comodo)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 25.4.28 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.5.20601 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.32 - Lenovo)
Energy Manager (x32 Version: 1.0.0.32 - Lenovo) Hidden
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FileOpen Client B969 (HKLM\...\FileOpenClient_is1) (Version: B969 - FileOpen Systems, Inc.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b9007812-6a61-4dfc-8a0c-4c726c7dc43f}) (Version: 17.0.1 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A7B68D5F-A468-493F-AD3D-625001293E19}) (Version: 2.0.0.0807 - Ihr Firmenname)
Lenovo Motion Control (x32 Version: 2.0.0.0807 - Ihr Firmenname) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: - )
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7369.2127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2127 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7133 - Realtek Semiconductor Corp.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\Spotify) (Version: 1.0.47.13.gd8e05b1f - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0415E40A-0BF0-4EBF-B86C-B93E132421EE} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {1FD70C55-96E8-4153-93A9-061A25DEA311} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {412BF28B-AA9E-4731-B0C8-017F3F775ED4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {511D110D-0F01-43F9-929E-965D70AE91D8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2014-07-31] (Maxthon International ltd.)
Task: {56DA2173-AFA1-450A-A178-6D8396056013} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {6892257B-F709-4145-8298-AE3457DF6566} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {68C321D3-599C-4F73-BA68-E66EDAC8DF05} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {7A0A4FFF-177A-4538-96DD-460319E5E44C} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {7B9BAA7A-2B49-4B3A-A64E-607902BF68F9} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {7DC58543-A034-4E3B-9DB6-46BFB86BFC46} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Selvi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {970C4222-CE49-4DE3-9893-882709250672} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {AB401EE7-0F94-4ABC-BE37-EFAA1CFECADA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-04-03] (Microsoft Corporation)
Task: {BBC84000-857E-4266-ACDF-47BF38A0733F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-04-04] (Microsoft Corporation)
Task: {BE40754E-FBB7-43DB-9BDF-6FB53CCC826D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {C6267AD8-DD18-43BD-91BD-5E6D3CFB77D2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {D21325B7-E8A1-45D0-AFED-211F5223FEA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {E6DC53C2-E80A-4F61-BD13-2BA7228EFF7F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-17] (Dropbox, Inc.)
Task: {F0A66EE3-9411-480A-9E8A-AC6B955C9FC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-04-04] (Microsoft Corporation)
Task: {F4830ECB-2621-432D-8DD8-CDE2ECAAF893} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {FC1B9B7D-9F6C-4F2B-A0BC-40133EBE6D84} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {FEDA3E07-44AA-4212-986C-AE1848A6331F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-02] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job =>
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 08:31 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2015-04-01 18:46 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00200168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-12-04 09:44 - 2013-12-04 09:44 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-12-04 09:44 - 2013-12-04 09:44 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-01-26 03:43 - 2012-04-25 04:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-05-07 21:38 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-05-07 21:38 - 2017-03-23 19:40 - 02267600 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-12 17:16 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-11-04 19:23 - 2016-11-04 19:23 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:36 - 2017-03-16 18:36 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:37 - 2017-03-16 18:37 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-12 17:16 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-04-12 17:16 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-12 17:16 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 17:27 - 2017-05-09 17:28 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 17:27 - 2017-05-09 17:28 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 17:27 - 2017-05-09 17:28 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 17:27 - 2017-05-09 17:28 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2016-05-27 15:50 - 2016-11-05 20:11 - 00401896 _____ () C:\Windows\System32\igfxTray.exe
2017-04-17 10:20 - 2017-04-13 01:50 - 00018904 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-05-03 15:42 - 2017-05-01 16:44 - 00870720 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-04-17 10:20 - 2017-04-13 01:43 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-04-17 10:20 - 2017-05-01 16:48 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-04-17 10:20 - 2017-04-13 01:43 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-05-03 15:42 - 2017-04-13 01:44 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-04-17 10:20 - 2017-04-13 01:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-05-03 15:42 - 2017-04-13 01:43 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-05-03 15:42 - 2017-04-13 01:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-04-17 10:20 - 2017-04-13 01:45 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-04-17 10:20 - 2017-04-13 01:44 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-04-17 10:20 - 2017-04-13 01:46 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-05-03 15:42 - 2017-04-13 01:37 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-05-03 15:42 - 2017-03-22 03:42 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-04-17 10:20 - 2017-05-01 16:49 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-05-03 15:42 - 2017-04-13 01:50 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-05-03 15:42 - 2017-04-13 01:50 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-03 15:42 - 2017-05-01 16:48 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-04-17 10:20 - 2017-05-01 16:49 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-05-03 15:42 - 2017-05-01 16:48 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-01-26 02:58 - 2013-09-04 17:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\splwow64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\aitstatic.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appinfo.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ApplicationFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppReadiness.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppXApplicabilityBlob.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\audiosrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AudioSrvPolicyManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\AuthHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcastdvr.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcdedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdesvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bdeunlock.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BitLockerDeviceEncryption.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BluetoothDesktopHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BootMenuUX.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\bootux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\browserbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BthRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpusersvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\certprop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CfgSPCellular.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ClipUp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cloudAP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cmintegrator.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CompatTelRunner.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ConsoleLogon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CredProvDataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CspCellularSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dab.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dafBth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DataSenseHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dcntel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCensus.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceEnroller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DevicePairingFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DeviceReactivation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialclient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dialserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\discan.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Display.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dmenrollengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DMRServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dnsrslvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\domgmt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dpapisrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dsregcmd.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DuCsps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dui70.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\DWrite.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DXP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EAMProgressHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\easwrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EditionUpgradeManagerObj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EDPCleanup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJ5000MON.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EKIJCOINST09.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EncDec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAPNCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ExSMime.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Family.Authentication.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ffbroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fhsettingsprovider.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\FntCache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FrameServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveapibase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvenotify.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fveui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\fvewiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gdi32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\generaltel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\gpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpovst11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hppldcoi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwtiop4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hpwwiax5.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\HttpsDataSource.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\hvloader.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\ibtproppage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icfupgd.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\icsvcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IdCtrls.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ieproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ImplatSetup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\input.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\internetmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iphlpsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ipnathlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\KnobsCsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ListSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LocationFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LockAppHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lpremove.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsasrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\lsm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\manage-bde.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapGeocoder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MapsStore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MDMAppInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFCaptureEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfnetsrc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\microsoft-windows-system-events.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\migisol.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\modernexecserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\moshostcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MPSSVC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSAudDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcprx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mspaint.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mssrch.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\mstsc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVideoDSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MultiDigiMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ncsi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netplwiz.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\netshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nettrace.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkDesktopSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkMobileSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NetworkUXBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NfcRadioMedia.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrGidsHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NgcCtnrSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ngcsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nlasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nltest.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NotificationController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OnDemandConnRouteHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\pcasvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PimIndexMaintenance.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pnidui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintDialogs3D.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintRenderAPIHost.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PrintWSDAHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\profsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provengine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\provops.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvPluginEng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ProvSysprep.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\PsmServiceExtHost.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\pwrshplugin.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\qmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RADCUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rascustom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rasmans.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReAgentc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RelPost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ReportingCSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\reseteng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ResetEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\resutils.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RjvMDMConfig.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RMapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\rshx32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkGuiCompLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\samsrv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ScDeviceEnum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdengin2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sdshext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchFolder.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SecConfig.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\securekernel.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\sendmail.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Sens.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SensorDataService.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SensorService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\services.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Flights.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shdocvw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\shutdownux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\skci.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceAgent.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpaceControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spaceman.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SpeechPal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\spoolsv.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppnp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppsvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sppwinob.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SRH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SRHInproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StorSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\StructuredQuery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SyncCenter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\systemreset.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.Handlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Tabbtn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tabcal.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TabletPC.cpl:$CmdTcID [32]
AlternateDataStreams: C:\WINDOWS\system32\tapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\taskbarcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\timedate.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TpmTasks.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\TSpkg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID [64]
|
|
09.05.2017, 17:29
| #15 |
| | WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe Logdatei Addition.txt Teil 2 Code:
ATTFilter AlternateDataStreams: C:\WINDOWS\system32\twinui.pcshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tzautoupdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ubpm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uDWM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAnimation.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\umpoext.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usbmon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserDataService.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usermgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\usoapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vds.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VEStoreEventHandlers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vmrdvcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vpnike.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VPNv2CSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\VSSVC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wbengine.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wbiosrvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcmsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wc_storage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werconcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\werui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wevtsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifinetworkmanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wifitask.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\win32spl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.Desktop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.OneCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.HostName.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Networking.Vpn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Shell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winload.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winlogon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.efi:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winresume.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WinSetupUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\winspool.drv:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wkssvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WlanMediaManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wlidsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WMVDECOD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFolders.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkfoldersControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersGPExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WorkFoldersShell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\workfolderssvc.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wow64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcMon.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcRefreshTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WpcTok.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpncore.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\wpnprv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wpx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wscsvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wups.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanconn.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwanmm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\wwansvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblAuthManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XblGameSaveExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XboxNetApiSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\accountaccessor.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aclui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActionCenterCPL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActivationManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\adsmsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\aepic.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppCapture.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppointmentApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\appwiz.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AppxPackaging.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AUDIOKSE.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AuthExt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\authui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\autoplay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\azroleui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\basecsp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BcastDVRHelper.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\bcrypt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BingMaps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\biwinrt.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BluetoothApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BrowserSettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CameraCaptureUI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cemapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Chakradiag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\chartv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ChatApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ClipboardServer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudBackupSettings.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CloudStorageWizard.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\clusapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cmifw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\combase.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comctl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comdlg32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\comsvcs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ContactApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\CPFilters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovhost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\credprovslegacy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\crypt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\cryptui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d2d1.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d10warp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d11.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3D12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d8.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DafPrintProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DataExchange.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DavSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\daxexec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dbgeng.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddraw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ddrawex.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\devenum.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DevicePairing.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dhcpcore6.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dnsapi.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DolbyDecMFT.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\drvstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dsreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dtdump.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\DWrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EditBufferTestHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\efsext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\EmailApis.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\esentutl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\evr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ExplorerFrame.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\findnetprinters.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\fontext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\FSClient.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gameux.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gdi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GdiPlus.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\GlobCollationHost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\gpapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hevcdecoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\hgcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\icm32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iepeers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\imapi2fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\inetcomm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\input.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputLocaleManager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IPHLPAPI.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iprtrmgr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iscsiwmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ise_installer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\JpMapControl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\jscript9diag.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LaunchWinApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LicenseManagerApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppBroker.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppHost.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogonController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\main.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapConfiguration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapControlCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapGeocoder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapRouter.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MapsBtSvc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MCCSEngineShared.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mdmregistration.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfaudiocnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfds.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfksproxy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfreadwrite.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsensorgroup.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsvr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\migisol.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mispace.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mmc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MMDevAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MosStorage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprddm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mprdim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MrmCoreR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSAC3ENC.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscandui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mscms.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msdtcuiu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msftedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msinfo32.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSPhotography.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssitlb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssph.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssphtb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssrch.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssvp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msutb.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msv1_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVidCtl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVP9DEC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msvproc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\MSVPXENC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mtxclu.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiohlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\netiougc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupApi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupEngine.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ngccredprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NMAA.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NPSM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nshwfp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntshrui.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offlinesam.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\offreg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OneDriveSetup.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PCPTpm12.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PhotoScreensaver.scr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Pimstore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\policymanager.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\poqexec.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\powercfg.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PrintDialogs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ProximityCommon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\puiobj.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\pwrshplugin.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rasgcw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\rdpencom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgent.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgentc.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\regedit.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\resutils.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RTWorkQ.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\schannel.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\scksp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFilterHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchFolder.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchIndexer.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchProtocolHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sendmail.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SessEnv.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSync.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SettingSyncHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\setupugc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SHCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\smphost.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SndVolSSO.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sppcext.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sspicli.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\stobject.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\storagewmi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\sud.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\systemcpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tapi32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tbauth.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tcpipcfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tdh.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\themecpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\thumbcache.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tquery.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\tsmf.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TSpkg.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAnimation.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIAutomationCore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UIRibbon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Unistore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\uReFS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\user32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\usercpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vbscript.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VCardParser.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vssapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wcnwiz.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\webio.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\weretw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfdprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\win32k.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wincorlib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Energy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.StateRepository.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Search.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winhttp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wininetlui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WinSCard.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\winspool.drv:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wintrust.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlancfg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlanui.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wlidprov.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMPDMC.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpdxm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpeffects.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpmde.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wmpshell.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WMVSENCD.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WordBreakers.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Wpc.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WPDShServiceObj.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ws2_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wscinterop.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsecedit.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WsmWmiPl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_fs.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_health.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\wsp_sr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWanAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\XInputUap.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xolehlp.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\zipfldr.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\afd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ahcache.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bowser.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\BthLEEnum.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthpan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\capimg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\CFRMD.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Classpnp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\clfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\cmimcext.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\crashdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dfsc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dumpsd.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\dxgmms2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fastfat.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\fvevol.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hidclass.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\http.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\hvsocket.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibtusb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\iorate.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IPMIDrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\kbdhid.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ks.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\MegaSas2i.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\modem.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxdav.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb10.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mrxsmb20.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mskssrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nwifi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\partmgr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\pdc.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdbss.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sdbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\spaceport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\srv2.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudbus.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ssudmdm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storahci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tcpipreg.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tdx.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tpm.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vhdmp.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmcl.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vmbkmclr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\vpci.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wcifs.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdiWiFi.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\winhvr.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\xboxgip.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\aio_install(1).exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\ElsterFormular-17.4.37.20160609p.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Desktop\FileOpenInstaller.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdTcID [130]
AlternateDataStreams: C:\Users\Selvi\Desktop\OneDriveSetup.exe:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Downloads\SpotifySetup_1.0.11.134.exe:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\514984_Con_gusto_A1_Loesungen_EB.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdTcID [64]
AlternateDataStreams: C:\Users\Selvi\Documents\freebie_ordneretiketten_dotsandstripesde.pdf:$CmdZnID [26]
AlternateDataStreams: C:\Users\Selvi\Documents\kleines-Rezeptpaket-schnelle-rezepte-on-the-run.pdf:$CmdZnID [26]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-453909624-3209935802-3352585122-1001\...\sharepoint.com -> hxxps://umuenster-files.sharepoint.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2015-08-06 20:54 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-453909624-3209935802-3352585122-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Selvi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img9.jpg
DNS Servers: 128.176.0.28 - 128.176.0.30
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{C26461E9-3139-463D-A858-D618E9455F6B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{1BA9EFFA-47BE-4265-A7EF-E4E69578A699}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2DC121A1-1287-487F-BCE6-61CF64A62940}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{8BFAF11C-95EB-43A2-9EC4-F38552E0E128}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7DBD37D6-9576-42D3-9E62-47B3505A8C6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{21CCFA82-C52B-49DB-9D91-AB49D25EC881}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4020BB82-4C31-4844-8CA1-8D2EB928E89B}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{4F251087-CCCE-4422-A60A-D8099B34832A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{656CD836-1500-41B6-B2BF-8589F95F5949}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{764CDA3D-52DA-4BB6-9D55-9C2F36C3FAA6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{3CFD7C84-560E-4467-9654-E7980FD10FAD}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{105C79DE-E043-4DDB-9384-F8D42FE80346}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{46D6702A-A31F-4C84-AD1E-588559D559BA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{C38E2627-AE7D-4AD7-BC51-C73BDBC52988}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{58FF3BB1-9AB5-435E-9997-793E3AB0F1A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [UDP Query User{89007AA3-0868-43DB-B246-C2A0BDEF564F}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{39D79BAC-0637-4A93-9563-3DCB3F76BB94}C:\users\selvi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\selvi\appdata\roaming\spotify\spotify.exe
FirewallRules: [{73D1A40B-3492-4A0F-AEB0-86F20BA38EDF}] => (Allow) LPort=5353
FirewallRules: [{F1A0269C-BB46-4BDD-B5AF-AEAB38865041}] => (Allow) LPort=9322
FirewallRules: [{EA2DEC50-059D-4112-8093-4CB0B4DC7711}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{C7E64231-E5F7-4936-8228-DC1C80EAE0A4}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{9618F554-ED0C-43B6-973A-FF42A26405A2}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{55387B8A-6E86-4A45-9BE1-B75AB30CB580}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{A7E62EB4-A4C3-43DB-8DDA-1A4611CCFA62}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{1E74D4B0-E097-46FE-BEED-A9955B7AE3BF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{94169512-6385-420D-868E-8F38DA334497}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{6BA3CD82-A010-45D7-95A3-363068D053AC}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{D2571A98-E903-4911-8EFF-F68F4B37AEC7}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{FBEFD6CB-96CD-41F9-9468-A54BE50D5B4D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{5A35CBCA-930C-4E45-8333-5B53D1916ED6}] => (Allow) LPort=5353
FirewallRules: [{6793377C-DE0C-4449-906B-8F570FB8B037}] => (Allow) LPort=9322
FirewallRules: [{077F5A76-0634-40F2-B529-D889624E404A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{336E698C-7EDF-4435-B18F-B4D0349F9ACC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{592286F8-6891-4B24-A4A3-FE8D6C83E9AA}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{5A2EB6A4-2117-4340-B7B4-C19032C0B8DC}] => (Allow) LPort=55100
FirewallRules: [{7A5892AC-2593-4E48-9FC5-40A6068339CF}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{97FE75DA-50B1-4E57-8259-DDD23B48E73E}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{1D344ED5-2EFA-46D3-82E3-2F54A8857377}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{AAD6D337-AD5C-413D-A1BE-2C66C8975F78}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{8ADE6E87-42CF-47FD-B2EC-81114D3148CB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{4BFA0D74-22CE-4038-B734-698C2C3EE22C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FF2B0067-2D8B-4171-BF77-D017D912F78E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{4ACCB284-6D0F-4F77-A983-9525B465FA22}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{1D227BCA-0DF6-4FFA-85FB-9F7503A7C1A5}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{A3865932-FB93-4B84-9AB8-0EEAD0E6AEE4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D6D9F9BB-EF5E-4BF9-B7A9-D720F3D023D6}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1C96F01A-35A4-43B6-9392-99E6D0EF9BFC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69DFCBDB-72C3-424A-8F23-5ABF1A096C5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC8C2ECF-C554-465B-B656-687630E78ABD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E11E6FFC-EC65-4832-8CC8-1F5C072CF6EC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Wiederherstellungspunkte =========================
24-04-2017 17:53:37 Windows Update
02-05-2017 15:16:00 Windows Update
05-05-2017 17:26:07 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/09/2017 06:13:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 06:12:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 06:12:34 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/09/2017 06:12:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 05:50:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 05:49:53 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/09/2017 05:49:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 05:49:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Selvi\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 05:49:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\selvi\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (05/09/2017 05:49:00 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Selvi\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Systemfehler:
=============
Error: (05/09/2017 06:21:32 PM) (Source: DCOM) (EventID: 10010) (User: SELVI-PC)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/09/2017 06:21:01 PM) (Source: DCOM) (EventID: 10010) (User: SELVI-PC)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/09/2017 05:52:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/09/2017 05:52:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Selvi\AppData\Local\Temp\ehdrv.sys
Error: (05/09/2017 05:52:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/09/2017 05:52:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Selvi\AppData\Local\Temp\ehdrv.sys
Error: (05/09/2017 05:52:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/09/2017 05:52:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Selvi\AppData\Local\Temp\ehdrv.sys
Error: (05/09/2017 05:50:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (05/09/2017 05:50:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Selvi\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2017-05-09 17:34:51.584
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-09 17:34:39.342
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-09 17:34:39.295
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-09 17:34:38.424
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:46.813
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:39.651
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:39.636
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 22:10:35.388
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:35.435
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-07 21:33:27.809
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 4019.27 MB
Verfügbarer physikalischer RAM: 1557.43 MB
Summe virtueller Speicher: 4723.27 MB
Verfügbarer virtueller Speicher: 1703.1 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:424.25 GB) (Free:360.12 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.39 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0DC5A29F)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu WEB.de E-Mail-Account: Mail delivery failed Nachrichten, obwohl ich selber keine E-Mails geschrieben habe |
| .dll, administrator, computer, defender, explorer, failed, firefox, firewall, home, homepage, mozilla, prozesse, realtek, registry, scan, security, services.exe, software, spam, svchost.exe, system, usb, virus, windows, windowsapps, winlogon.exe |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
