Ständige Pop-ups, nur für Splitsekunden zu sehen

Rakdos · 27.05.2017, 09:57

Seit circa 3 Tagen passiert es immer wieder das ein Pop-up in meinen Firefox-browser geöffnet wird und sich dann auch wieder genau so plötzlich schliesst. Das ist mir nicht geheuer, also habe ich ein Hijack scan laufen lassen, aber die Information sagen mir nichts.
Vornweggenohmen habe ich als Betriebssystem Windows 10, als Virenschutzprogramm benutze ich Antivir Connect, es ist Adblock Plus und Avira Browserschutz im Firefox installiert. Es folgt nun der Hijack-Report:

Zitat:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:17:00, on 27.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)

FIREFOX: 53.0.3 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Antivirus\sched.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Windows\runSW.exe
D:\Origin\OriginWebHelperService.exe
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Users\Floh\AppData\Local\Microsoft\OneDrive\OneDrive.exe
D:\Steam\Steam.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\program files (x86)\avira\antivirus\avscan.exe
C:\program files (x86)\avira\antivirus\avscan.exe
C:\Users\Floh\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Floh\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Lokaler Dienst')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Netzwerkdienst')
O4 - Global Startup: phase6_18_erinnerung.lnk = D:\phase6\phase6_18\WinStart\WinStart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Email-Schutz (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Webschutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: chip 1-click download service (chip1click) - Chip Digital GmbH - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
O23 - Service: Developer Tools Service (DeveloperToolsService) - Unknown owner - C:\Windows\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - D:\Origin\OriginWebHelperService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RunSwUSB - Unknown owner - C:\Windows\runSW.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12653 bytes

Hoffentlich könnt ihr helfen...

M-K-D-B · 27.05.2017, 11:51

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Rakdos · 27.05.2017, 12:20

Okay, hier ist es:
Schritt 1
FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Floh (Administrator) auf DESKTOP-TSI6RU0 (27-05-2017 13:07:36)
Gestartet von C:\Users\Floh\Desktop
Geladene Profile: Floh (Verfügbare Profile: defaultuser0 & Floh)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Windows\runSW.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Valve Corporation) D:\Steam\Steam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-01-20] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2016-01-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase6_18_erinnerung.lnk [2017-01-24]
ShortcutTarget: phase6_18_erinnerung.lnk -> D:\phase6\phase6_18\WinStart\WinStart.exe (phase6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6a5a4a31-f2ea-42a1-a9da-78fa0e3e2576}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fe23c381-270f-46ce-be84-2e65f273da19}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: nsqq5y44.default
FF ProfilePath: C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default [2017-05-27]
FF Homepage: Mozilla\Firefox\Profiles\nsqq5y44.default -> hxxps://duckduckgo.com/
FF Extension: (Avira Browser Safety) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Racism Simulator) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{24966bf9-1f0a-48b0-8745-7a02dc5ff345}.xpi [2017-04-20]
FF Extension: (Adblock Plus) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-638367787-3787977131-1498176509-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-27] ()

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] ()
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S4 debugregsvc; C:\windows\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\Windows\System32\DeveloperToolsSvc.exe [104448 2017-03-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2147216 2017-05-05] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3116440 2017-05-05] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 SshBroker; C:\windows\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
S3 SshProxy; C:\windows\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S4 WebManagement; C:\windows\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [161824 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [163976 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [48584 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
S3 RtkAvrcp; C:\windows\System32\drivers\RtkAvrcp.sys [67840 2015-09-09] (Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\windows\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [611096 2015-09-15] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\windows\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 13:07 - 2017-05-27 13:07 - 00016065 _____ C:\Users\Floh\Desktop\FRST.txt
2017-05-27 13:07 - 2017-05-27 13:07 - 00000000 ____D C:\FRST
2017-05-27 13:06 - 2017-05-27 13:07 - 02429952 _____ (Farbar) C:\Users\Floh\Desktop\FRST64.exe
2017-05-27 10:16 - 2017-05-27 10:16 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2017-05-27 10:15 - 2017-05-27 10:15 - 01496584 _____ C:\Users\Floh\Downloads\HijackThis - CHIP-Installer.exe
2017-05-27 10:15 - 2017-05-27 10:15 - 00000000 ____D C:\Users\Floh\AppData\Local\Downloaded Installations
2017-05-25 07:55 - 2017-05-25 07:55 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Users\Floh\AppData\Local\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-25 07:07 - 2017-05-25 07:07 - 01130328 _____ (Google Inc.) C:\Users\Floh\Downloads\ChromeSetup.exe
2017-05-24 07:56 - 2017-05-24 07:56 - 00000000 ____D C:\Users\Floh\Documents\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-24 07:55 - 2017-05-24 07:56 - 00000000 ____D C:\ProgramData\Samsung
2017-05-24 07:55 - 2017-05-24 07:55 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-05-24 07:55 - 2017-01-16 08:26 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudmdm.sys
2017-05-24 07:55 - 2017-01-16 08:26 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudbus.sys
2017-05-24 07:55 - 2016-12-09 09:04 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\windows\SysWOW64\secman.dll
2017-05-17 15:26 - 2017-05-17 15:26 - 00003160 _____ C:\windows\System32\Tasks\StartCN
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\windows\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\windows\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\windows\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\windows\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\windows\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\windows\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\windows\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\windows\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\windows\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\windows\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\windows\system32\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\windows\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2017-05-16 13:57 - 2017-05-16 13:57 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-05-15 15:29 - 2017-05-15 15:29 - 00000202 _____ C:\Users\Floh\Desktop\NOT A HERO.url
2017-05-15 15:23 - 2017-05-15 15:23 - 00000202 _____ C:\Users\Floh\Desktop\The Binding of Isaac.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Binary Domain.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Antichamber.url
2017-05-14 22:13 - 2017-05-14 22:13 - 00365636 _____ C:\windows\Minidump\051417-6718-01.dmp
2017-05-10 20:09 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2017-05-10 20:09 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-05-10 20:09 - 2017-04-28 02:56 - 02048488 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-05-10 20:09 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scmbus.sys
2017-05-10 20:09 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-05-10 20:09 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManager.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2017-05-10 20:09 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-05-10 20:09 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-05-10 20:09 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2017-05-10 20:09 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2017-05-10 20:09 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-05-10 20:09 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-05-10 20:09 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReInfo.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExSMime.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\BthTelemetry.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\virtdisk.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovhost.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserMgrProxy.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgent.exe
2017-05-10 20:09 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\windows\SysWOW64\StoreAgent.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsreg.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastlsext.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncSettings.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2017-05-10 20:09 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 20:09 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\deviceaccess.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\vaultcli.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2017-05-10 20:09 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\windows\SysWOW64\efswrt.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\windows\SysWOW64\EmailApis.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppContracts.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\AboveLockAppHost.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AccountsControl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\CryptoWinRT.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\windows\SysWOW64\LogonController.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 20:09 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Editing.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTMediaFrame.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsnt.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Energy.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiver.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dlnashext.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\dialclient.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthLEEnum.sys
2017-05-10 20:09 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToReceiver.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetails.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_sr.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCRecvSrc.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\CameraCaptureUI.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Geolocation.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Devices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.Http.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2017-05-10 20:09 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-05-10 20:09 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-05-10 20:09 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-05-10 20:09 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-05-10 20:09 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2017-05-10 20:09 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2017-05-10 20:09 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-05-10 20:09 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-05-10 20:09 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-05-10 20:09 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2017-05-10 20:09 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataAccountApis.dll
2017-05-10 20:09 - 2017-03-04 08:22 - 00265728 _____ C:\windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 20:09 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-05-10 20:09 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 20:09 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2017-05-10 20:09 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2017-05-10 20:09 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-05-10 20:08 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-05-10 20:08 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-05-10 20:08 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-05-10 20:08 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostCommon.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2017-05-10 20:08 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-05-10 20:08 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2017-05-10 20:08 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2017-05-10 20:08 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-05-10 20:08 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\windows\system32\MMDevAPI.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHost.dll
2017-05-10 20:08 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-05-10 20:08 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-05-10 20:08 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2017-05-10 20:08 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-05-10 20:08 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:08 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspppoe.sys
2017-05-10 20:08 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2017-05-10 20:08 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2017-05-10 20:08 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2017-05-10 20:08 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\Family.SyncEngine.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-05-10 20:08 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\Family.Client.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Printers.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFi.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\FlightSettings.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\windows\system32\rastlsext.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Input.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ C:\windows\system32\Windows.Perception.Stub.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\shutdownux.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2017-05-10 20:08 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Lights.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\UserMgrProxy.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\credprovhost.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-05-10 20:08 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Scanners.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\PrintWSDAHost.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\windows\system32\CellularAPI.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\efswrt.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\windows\system32\SyncSettings.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\windows\system32\InstallAgentUserBroker.exe
2017-05-10 20:08 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\windows\system32\DeviceFlows.DataModel.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\oleacc.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs3D.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\ConhostV2.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\deviceaccess.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\AboveLockAppHost.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\RTMediaFrame.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Energy.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dlnashext.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\dialclient.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\PlayToReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\catsrvps.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\windows\system32\wsp_sr.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetails.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\CameraCaptureUI.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\windows\system32\EmailApis.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\windows\system32\MCRecvSrc.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\windows\system32\Windows.AccountsControl.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\GamePanel.exe
2017-05-10 20:08 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\DevicesFlowBroker.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Devices.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\windows\system32\Unistore.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2017-05-10 20:08 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Geolocation.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Midi.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrSvc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2017-05-10 20:08 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\windows\system32\CryptoWinRT.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2017-05-10 20:08 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Http.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\windows\system32\LogonController.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-05-10 20:08 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-05-10 20:08 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2017-05-10 20:08 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\windows\system32\LicenseManager.dll
2017-05-10 20:08 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-05-10 20:08 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\indexeddbserver.dll
2017-05-10 20:08 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2017-05-10 20:08 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Editing.dll
2017-05-10 20:08 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\OneBackupHandler.dll
2017-05-10 20:07 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2017-05-10 20:07 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
2017-05-10 20:07 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fsdepends.sys
2017-05-10 20:07 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2017-05-10 20:07 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-05-10 20:07 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-05-10 20:07 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\BthTelemetry.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-05-10 20:07 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\virtdisk.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryBroker.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\ConsentUX.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\dafBth.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\vaultcli.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
2017-05-10 20:07 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2017-05-10 20:07 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2017-05-10 20:07 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\adsnt.dll
2017-05-10 20:07 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
2017-05-10 20:07 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2017-05-10 20:07 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2017-05-10 20:07 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-05-10 20:07 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2017-05-10 20:07 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-05-10 20:07 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\spaceman.exe
2017-05-10 20:07 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2017-05-08 06:36 - 2017-05-08 06:36 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-06 09:06 - 2017-05-06 09:06 - 00380724 _____ C:\windows\Minidump\050617-7000-01.dmp
2017-04-30 22:56 - 2017-05-13 21:32 - 00001753 _____ C:\Users\Floh\Desktop\Neues Textdokument.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 11:38 - 2016-12-30 15:10 - 00000000 ____D C:\Users\Floh\AppData\LocalLow\Mozilla
2017-05-27 11:37 - 2017-01-23 19:13 - 00000000 ____D C:\Users\Public\Documents\phase6_18_Daten
2017-05-27 11:37 - 2016-12-18 16:58 - 00000000 ____D C:\Users\Floh
2017-05-27 11:07 - 2016-12-18 16:59 - 00000000 ____D C:\Users\Floh\AppData\Local\Packages
2017-05-27 11:07 - 2016-07-16 13:47 - 00000000 ____D C:\windows\AppReadiness
2017-05-27 11:06 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 08:02 - 2016-12-30 20:26 - 00000000 ____D C:\Users\Floh\AppData\Local\Warframe
2017-05-26 22:36 - 2016-08-10 11:49 - 00000000 ____D C:\windows\system32\SleepStudy
2017-05-26 08:02 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 08:01 - 2016-08-11 11:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 18:32 - 2016-07-16 13:45 - 00000000 ____D C:\windows\INF
2017-05-24 20:26 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\appraiser
2017-05-24 20:26 - 2016-07-16 13:36 - 00000000 ____D C:\windows\CbsTemp
2017-05-24 08:04 - 2016-08-11 14:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-23 20:13 - 2016-12-31 13:39 - 00000000 ____D C:\windows\system32\MRT
2017-05-23 20:12 - 2016-12-31 13:39 - 132223576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-17 15:28 - 2016-08-10 16:29 - 01828542 _____ C:\windows\system32\perfh007.dat
2017-05-17 15:28 - 2016-08-10 16:29 - 00617140 _____ C:\windows\system32\perfc007.dat
2017-05-17 15:28 - 2016-08-10 11:57 - 04452372 _____ C:\windows\system32\PerfStringBackup.INI
2017-05-17 15:25 - 2017-03-06 18:26 - 00000000 ____D C:\ProgramData\AMD
2017-05-17 15:25 - 2017-03-01 09:15 - 00000000 ____D C:\Program Files\AMD
2017-05-17 15:25 - 2016-12-30 15:16 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-01-25 02:29 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-01-25 02:29 - 00777088 _____ (AMD) C:\windows\system32\atieclxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00551808 _____ (AMD) C:\windows\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00278400 _____ C:\windows\system32\clinfo.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00029048 _____ (Microsoft Corporation) C:\windows\SysWOW64\detoured.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00365440 _____ C:\windows\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00276352 _____ C:\windows\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2017-05-14 22:13 - 2017-01-22 14:50 - 858491974 _____ C:\windows\MEMORY.DMP
2017-05-14 22:13 - 2017-01-22 14:50 - 00000000 ____D C:\windows\Minidump
2017-05-14 22:13 - 2016-08-10 11:49 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-05-13 18:24 - 2016-07-16 13:47 - 00000000 ____D C:\windows\rescache
2017-05-13 15:22 - 2017-01-03 13:20 - 00000000 ____D C:\Users\Floh\AppData\Local\Adobe
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\Macromed
2017-05-11 07:13 - 2016-08-10 11:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 07:07 - 2016-08-10 11:49 - 00358496 _____ C:\windows\system32\FNTCACHE.DAT
2017-05-10 22:37 - 2016-08-12 13:27 - 00065536 _____ C:\windows\system32\spu_storage.bin
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\SysWOW64\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\system32\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\oobe
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\ShellExperiences
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\Provisioning
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\PolicyDefinitions
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 22:37 - 2016-07-16 08:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-05-10 22:37 - 2016-07-16 08:04 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-05-10 19:50 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-05-08 06:36 - 2016-12-30 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-08 06:35 - 2016-08-11 14:14 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-05 22:39 - 2016-12-30 17:10 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Origin
2017-05-05 22:39 - 2016-12-30 17:06 - 00000000 ____D C:\ProgramData\Origin
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-08-10 11:54 - 02717184 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-18 16:59 - 2017-05-27 11:37 - 16211409 _____ () C:\Users\Floh\AppData\Local\BTServer.log
2016-08-11 14:32 - 2016-08-11 14:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-03-01 09:09 - 2017-03-01 09:09 - 1177480 _____ () C:\Users\Floh\AppData\Local\Temp\AMDCleanupUtility.exe
2017-03-01 09:09 - 2017-03-01 09:09 - 0250248 _____ () C:\Users\Floh\AppData\Local\Temp\Cleanup.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0065536 _____ (Windows (R) Server 2003 DDK provider) C:\Users\Floh\AppData\Local\Temp\ddu.exe
2017-01-23 19:13 - 2017-05-16 15:34 - 0196608 _____ (Sony DADC Austria AG) C:\Users\Floh\AppData\Local\Temp\drm_dyndata_7260005.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0516096 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcm80.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 1061376 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcp80.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0796672 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcr80.dll
2017-01-21 20:54 - 2017-01-21 20:54 - 6441176 _____ (Black Tree Gaming                                           ) C:\Users\Floh\AppData\Local\Temp\Nexus Mod Manager-0.63.13.exe
2016-12-30 15:09 - 2016-12-30 15:10 - 54267784 _____ (SweetLabs,Inc.) C:\Users\Floh\AppData\Local\Temp\octE9AB.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-18 19:34

==================== Ende von FRST.txt ============================

Rakdos · 27.05.2017, 12:20

Jetzt noch Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Floh (27-05-2017 13:08:01)
Gestartet von C:\Users\Floh\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-18 14:51:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-638367787-3787977131-1498176509-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-638367787-3787977131-1498176509-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-638367787-3787977131-1498176509-1000 - Limited - Disabled) => C:\Users\defaultuser0
Floh (S-1-5-21-638367787-3787977131-1498176509-1001 - Administrator - Enabled) => C:\Users\Floh
Gast (S-1-5-21-638367787-3787977131-1498176509-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4118.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.5115 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.5115 - CyberLink Corp.) Hidden
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
Galactic Civilizations I: Ultimate Edition (HKLM\...\Steam App 214150) (Version:  - Stardock Entertainment)
Grey Goo (HKLM\...\Steam App 290790) (Version:  - Petroglyph)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LISA (HKLM\...\Steam App 335670) (Version:  - Dingaling)
LUFTRAUSERS (HKLM\...\Steam App 233150) (Version:  - Vlambeer)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metro 2033 (HKLM\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
phase6_18 (HKLM-x32\...\{20C3DEAF-801D-4C3E-9826-E62EE16DB7AB}) (Version: 1.80.0000 - phase6)
Prey (HKLM\...\Steam App 3970) (Version:  - Humanhead Studios)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.876.867.092115 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version:  - The SKSE Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sunless Sea (HKLM\...\Steam App 304650) (Version:  - Failbetter Games)
SUPERHOT (HKLM\...\Steam App 322500) (Version:  - SUPERHOT Team)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Valkyria Chronicles™ (HKLM\...\Steam App 294860) (Version:  - SEGA)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Warhammer 40,000 Space Marine (HKLM\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM\...\Steam App 15620) (Version:  - Relic Entertainment)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08665561-B73E-4DDE-B9E0-23B2F0F15EC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {44454128-0EF9-421B-B0C2-F72969E18B9F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {629FC0E5-C039-4AFB-81A9-F344EE3FFF15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {B0E03B1B-FD11-490D-BD08-D239308BD306} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {BD566748-CA6B-483B-8564-70DC1ADCDAA8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2016-01-08] (CyberLink Corp.)
Task: {BFBAD1DB-C5BA-4395-986E-275496DD9464} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {CF79F64E-8521-4785-844E-5FE4DEB30284} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {FE4C5C63-5759-49BD-B58D-488E475FE7D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {FF2A155C-9513-47AE-9058-21F37DF00BAB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-08-11 15:25 - 2015-07-20 21:19 - 00121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-08-11 15:21 - 2014-12-12 19:24 - 00044760 _____ () C:\Windows\runSW.exe
2016-08-11 15:55 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\System32\CoreUIComponents.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\system32\CoreUIComponents.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\SYSTEM32\CoreUIComponents.dll
2016-12-31 13:36 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:59 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:00 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-08-11 15:25 - 2014-07-03 11:22 - 00277720 _____ () C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-05 18:54 - 2017-05-05 18:54 - 02493440 _____ () D:\Origin\libGLESv2.dll
2015-07-22 02:18 - 2015-07-22 02:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-23 14:32 - 2017-03-10 02:13 - 00674592 _____ () D:\Steam\SDL2.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 04969248 _____ () D:\Steam\v8.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 02465056 _____ () D:\Steam\video.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01563936 _____ () D:\Steam\icui18n.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01195296 _____ () D:\Steam\icuuc.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL
2016-12-30 16:50 - 2016-07-05 00:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-08-11 15:54 - 2014-12-08 09:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 17:28 - 2014-12-08 17:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-03-10 08:29 - 2017-01-30 23:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00383776 _____ () D:\Steam\steam.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\sharepoint.com -> hxxps://kettelerkolleg-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\DefaultProfile\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Control Panel\Desktop\\Wallpaper -> I:\General\Scenery\All+right+i+ll+give+you+this+instead+_40f57feac904ddf8eff0fa6b078fda87.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{8F92964E-0BD9-4497-A5B0-18F57A75EA9A}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{2D3F8735-B2F2-4BA5-A888-04ECEB1E559F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{FDDA359F-243C-49A0-AD05-A8E2FBAE7845}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B71B5B7C-7FA8-4075-B534-22405FD20D4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FF52B7E9-FACF-4CF2-A977-A7AE19758B3C}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{77AB0D28-7AD2-4925-9B0A-2ED0B7D5F19F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{12260319-4919-4FAB-875E-06FA1811BF76}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{32FA8048-3476-4993-AD2B-24C48B8B171C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{1927B711-471F-4338-B8BA-43052169A704}] => (Allow) D:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{76D01136-9FB5-40DD-B75F-B0C384A0E18D}] => (Allow) D:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{6A1622EE-671F-4BAB-ADBB-3E1F46AF5415}] => (Allow) D:\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{EA5C0784-3719-4B63-9B1E-A8DDAABC2700}] => (Allow) D:\Steam\steamapps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{36A0D77F-FF89-4A21-914A-FB04284F87B3}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6E3321CC-EB6D-4424-AB72-A2929FDCE9C7}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{BF35BDF4-69FD-4D8F-8F0A-C2BF50BCEAE0}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4EC3C625-B408-4EB8-94E4-23038878D764}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{61D18C55-4BA0-4BAE-9AD6-6D5A6E4E959F}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{98C74FE6-77B5-4EC8-B975-8A56E9BC8E2B}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{753D181E-4F58-46D4-A9E5-169DE95EBFCA}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{88EFCC6C-3049-4575-8875-59D387D32511}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{68302FC4-648B-4FA1-8215-C3F0E1972630}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{80879F01-892A-4AF9-A917-07015A761E0F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{625493E0-F785-493E-8066-C4F1B9A9FD7D}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{4194FE06-1FE7-428C-94B8-0B46DE9C8E89}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{72EDBB47-7EFF-401E-9D0E-51F5EFEFEE1F}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{772FFA01-7544-4CD0-9576-FF1788BB2B0A}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C46BC9B3-9F23-4962-9D3B-FC4C36207142}] => (Allow) D:\Steam\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{19446A98-01CC-4FD5-BF15-8395C81947C5}] => (Allow) D:\Steam\steamapps\common\Battlefleet Gothic Armada\BattleFleetGothic.exe
FirewallRules: [{86ACDFEC-37D0-43DB-BBF1-87C42C059CAB}] => (Allow) D:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{34E3533B-FDEC-4F0C-90F1-E1A6AFB912DD}] => (Allow) D:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{1AE9BFDE-4C01-4D89-82E0-8EE402FE0A5A}D:\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [UDP Query User{69E92EB0-0BE6-46A8-9986-DDA32244D97E}D:\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\battlefleet gothic armada\battlefleetgothic\binaries\win64\battlefleetgothic-win64-shipping.exe
FirewallRules: [{45722CD2-73A4-4463-B906-16F1A6968237}] => (Allow) D:\Steam\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{50861FA6-99F1-48B3-82F1-620466849C16}] => (Allow) D:\Steam\steamapps\common\SunlessSea\Sunless Sea.exe
FirewallRules: [{E546CDC4-08FF-42B2-8406-1615F2C7A605}] => (Allow) D:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{DA5FAA73-499B-481C-BB33-9303EB0D0B03}] => (Allow) D:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{B2064219-12E6-45E7-A8D3-774A70FB9A99}] => (Allow) D:\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{F0501281-3CFE-453A-BD88-C39DF6FABA4E}] => (Allow) D:\Steam\steamapps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{3A628EE4-D2DA-4AEC-A349-40D6B1D0B2A8}] => (Allow) D:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{3B46807C-BE55-4091-9C17-55F54BADD859}] => (Allow) D:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{FC99486B-8B02-4261-9ED5-5D4E7668003B}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{7A292461-2B9A-48DB-865D-1F42BC0EED4D}] => (Allow) D:\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe
FirewallRules: [{4571E820-CE93-44B6-AF1F-95306F189596}] => (Allow) D:\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{CD912B69-B341-4048-803D-ADBDD5024445}] => (Allow) D:\Steam\steamapps\common\Homeworld\HWLauncher\Launcher.exe
FirewallRules: [{44385493-641D-46F3-A652-2F27376495A4}] => (Allow) D:\Steam\steamapps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{A90F2DCB-810A-4D3A-A604-DF9E62E55D12}] => (Allow) D:\Steam\steamapps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{11996304-C00D-4BE4-8FA2-63A87D8796AF}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F86BD033-1EC5-4027-BD57-695F2FE8D8EE}] => (Allow) D:\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{F9482779-C86F-4796-ADC5-B73C18B1A279}] => (Allow) D:\Steam\steamapps\common\Prey\prey.exe
FirewallRules: [{B9E6B756-C411-4E90-9996-A989E415F76B}] => (Allow) D:\Steam\steamapps\common\Prey\prey.exe
FirewallRules: [TCP Query User{48AE0171-27A1-4615-B1EB-693B35A6ACC7}D:\steam\steamapps\common\greygoo\goog.exe] => (Allow) D:\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [UDP Query User{E51B0678-C9F8-433B-888B-E908F0D23A52}D:\steam\steamapps\common\greygoo\goog.exe] => (Allow) D:\steam\steamapps\common\greygoo\goog.exe
FirewallRules: [{516B16CA-5638-4267-972B-239ACAA74CFA}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{EF654540-44BC-48A0-BB54-396AC5C9401B}] => (Allow) D:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{C7D101F7-FE35-42FE-BA36-E69C240BFC70}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{9B8CF8C4-A5E0-4E5B-88EB-040AE8078650}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{C528F37B-A3B5-4D0A-9130-07F36DA8069E}] => (Allow) D:\Steam\steamapps\common\LISA\Game.exe
FirewallRules: [{945BBD8E-B041-44EA-A463-4DEF4AC45E88}] => (Allow) D:\Steam\steamapps\common\LISA\Game.exe
FirewallRules: [{A44167CC-00E1-4A6D-9115-8AEA61FF71E5}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{8A0B615A-6D7B-4879-A6CF-3B347948F7D3}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{86630127-CD3C-4711-8DF2-BC09529BEDA2}] => (Allow) D:\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{1349DC96-C85C-4B9E-B5BB-FCC9927D83FB}] => (Allow) D:\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{3C3F3C66-0852-4B57-B9D2-DC4EBBD7F1C6}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{C4F6D911-DD4D-4B4E-8150-73BDDE9DAEEB}] => (Allow) D:\Steam\steamapps\common\SUPERHOT\SUPERHOT.exe
FirewallRules: [{E13FC14C-C6CA-4B47-8030-16BD57F45A77}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{A64F6276-8235-49E9-B342-36D895B1F771}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{92A37655-FF62-4A55-B94A-6A90486C0257}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{9507015B-C26D-40C9-8164-F8C539900F6D}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{C70CDC7B-1270-4C48-AD0E-5E245AC32367}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DCCBB712-41AC-4A1A-88DA-6A5FE07EC167}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{AECE1E83-0DFF-4CA5-9EA8-C48DFE199B40}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B37931AC-D8DA-44FE-BBD4-8A9729C3F09E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{79CA432F-D0BE-4C6A-995D-D1B9C31689F0}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{FF8E9FDD-B3EB-40E4-8BB4-07D67FD2B84F}] => (Allow) D:\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{FC3F9F68-DE82-4871-A61C-CDF130D00326}] => (Allow) D:\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [{B9243B58-CA2F-4BC9-8CB7-B42A572A4A22}] => (Allow) D:\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe
FirewallRules: [TCP Query User{8CAA880E-7C3A-4585-B3E2-9ACE0FCDDCBA}D:\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) D:\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [UDP Query User{6BACE671-3F49-4DA7-A245-EBAA8ECFF620}D:\steam\steamapps\common\greygoo\instanceserverg.exe] => (Allow) D:\steam\steamapps\common\greygoo\instanceserverg.exe
FirewallRules: [{48E314EA-EEA3-46CD-ABFA-DE9E22744AB0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BDCCE436-0BA8-4CA6-A6E2-451532A3B495}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{29D37A4B-B3CD-4486-9AC9-9C74BFDBF912}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B72C64C5-471A-4E73-849A-F3580F652CD3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{16F95794-333B-4228-840C-A80E0B41E6FA}] => (Allow) D:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{0C2BC47B-AD89-4C9B-A97B-5F321B632560}] => (Allow) D:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{ABDB061C-03DB-451C-BBFD-A39B822D6AD7}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{57BB4DF4-F439-4767-A4BB-0ADE18EDDDD3}] => (Allow) D:\Steam\steamapps\common\LISA\mkxp\lisa.exe
FirewallRules: [{B4F4053C-62CB-4137-BCB3-E0E5FE349487}] => (Allow) D:\Steam\steamapps\common\LISA\JOYFUL\Game.exe
FirewallRules: [{B2C791FB-2A0E-49F5-829A-10E541F001A4}] => (Allow) D:\Steam\steamapps\common\LISA\JOYFUL\Game.exe
FirewallRules: [{5EFAE7E7-C113-43E8-BF76-BA888F60BEB6}] => (Allow) D:\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{CB747FD0-C915-4D58-A939-11FD2711FA5B}] => (Allow) D:\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{287D5B83-3F60-4E20-95A3-F044E4A88BC3}] => (Allow) D:\Steam\steamapps\common\Galactic Civilizations I Ultimate Edition\AltarianProphecy\GalCiv.exe
FirewallRules: [{D60F120F-7185-4A6B-8ACE-7B27B5C3A682}] => (Allow) D:\Steam\steamapps\common\Galactic Civilizations I Ultimate Edition\AltarianProphecy\GalCiv.exe
FirewallRules: [{1C1018CE-4885-4A4B-BA5B-9BEA0784B027}] => (Allow) D:\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{44859C28-FB7B-4BE8-89A1-0A85C4DC6080}] => (Allow) D:\Steam\steamapps\common\Antichamber\Binaries\Win32\UDK.exe
FirewallRules: [{15F4C67E-06DA-47FA-A717-1C87ECA05624}] => (Allow) D:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{2942459C-5CC1-4937-A2EA-EFAD7936EECC}] => (Allow) D:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{27B81C98-B5FC-43B5-B910-B352B8C94A39}] => (Allow) D:\Steam\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{50DE3A2B-B0ED-4480-B50D-8A3B6BA2A320}] => (Allow) D:\Steam\steamapps\common\Binary Domain\BinaryDomain.exe
FirewallRules: [{8C497D5B-BB75-4009-AADB-B34C28659255}] => (Allow) D:\Steam\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{E2A0C288-C260-4931-A0AC-2AB6C92CA842}] => (Allow) D:\Steam\steamapps\common\Binary Domain\BinaryDomainConfiguration.exe
FirewallRules: [{0BEB31B3-02CC-4D70-B469-C5887E4FA8BE}] => (Allow) D:\Steam\steamapps\common\Not a Hero\NOT A HERO.exe
FirewallRules: [{84783B4F-AF92-46A2-879A-F6EBCCDFD492}] => (Allow) D:\Steam\steamapps\common\Not a Hero\NOT A HERO.exe
FirewallRules: [{FFD5C054-EDCD-4645-89E4-59DFCF182FF7}] => (Allow) D:\Steam\steamapps\common\Not a Hero\LEGACY.exe
FirewallRules: [{3DD7E870-72D1-4915-ABAC-0ABC80BFFCDE}] => (Allow) D:\Steam\steamapps\common\Not a Hero\LEGACY.exe
FirewallRules: [{51EA8B98-3D37-4533-985A-598580A478FB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{959FBE32-4964-4E8E-94A6-AD0ADC9F7E33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 10:21:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: consent.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899acd
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902836c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d5eab
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0x01d2d6c231a6649e
Pfad der fehlerhaften Anwendung: C:\windows\system32\consent.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 860b8c42-2b09-4da5-adec-cdfb3729e3cb
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/27/2017 07:16:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/27/2017 07:16:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/27/2017 07:14:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/26/2017 07:57:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/26/2017 07:57:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/26/2017 07:56:29 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/25/2017 06:53:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/25/2017 06:53:20 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/25/2017 06:52:28 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (05/27/2017 11:37:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 11:37:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 11:37:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 11:07:09 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 10:16:00 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/27/2017 10:16:00 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (05/27/2017 07:12:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 07:12:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/27/2017 07:12:26 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/26/2017 11:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6402P CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8146.64 MB
Verfügbarer physikalischer RAM: 5005.41 MB
Summe virtueller Speicher: 9426.64 MB
Verfügbarer virtueller Speicher: 5147.53 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.64 GB) (Free:76.58 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:665.87 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.47 GB) NTFS
Drive g: (PHASE_6_18) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
Drive h: (DOKUMENTE) (Removable) (Total:14.44 GB) (Free:12.06 GB) FAT32
Drive i: (BILDER) (Removable) (Total:28.89 GB) (Free:5.89 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8ABE4A17)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 8ABE4A28)

Partition: GPT.

========================================================
Disk: 2 (Size: 28.9 GB) (Disk ID: 1A4C74CE)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0B)

========================================================
Disk: 3 (Size: 14.5 GB) (Disk ID: 547B7EC7)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Rakdos · 27.05.2017, 12:23

Schritt 2:
Ich bin gezwungen den Code aufzuteilen.

Code:

ATTFilter

13:10:27.0079 0x1e64  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
13:10:27.0079 0x1e64  UEFI system
13:10:55.0860 0x1e64  ============================================================
13:10:55.0860 0x1e64  Current date / time: 2017/05/27 13:10:55.0860
13:10:55.0863 0x1e64  SystemInfo:
13:10:55.0863 0x1e64  
13:10:55.0863 0x1e64  OS Version: 10.0.14393 ServicePack: 0.0
13:10:55.0863 0x1e64  Product type: Workstation
13:10:55.0863 0x1e64  ComputerName: DESKTOP-TSI6RU0
13:10:55.0863 0x1e64  UserName: Floh
13:10:55.0863 0x1e64  Windows directory: C:\windows
13:10:55.0863 0x1e64  System windows directory: C:\windows
13:10:55.0863 0x1e64  Running under WOW64
13:10:55.0863 0x1e64  Processor architecture: Intel x64
13:10:55.0863 0x1e64  Number of processors: 4
13:10:55.0863 0x1e64  Page size: 0x1000
13:10:55.0863 0x1e64  Boot type: Normal boot
13:10:55.0863 0x1e64  CodeIntegrityOptions = 0x0000C001
13:10:55.0863 0x1e64  ============================================================
13:10:55.0942 0x1e64  KLMD registered as C:\windows\system32\drivers\91216807.sys
13:10:55.0942 0x1e64  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
13:10:55.0996 0x1e64  System UUID: {05E70956-2A8E-91F0-C323-818A97935484}
13:10:56.0242 0x1e64  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:10:56.0243 0x1e64  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:10:56.0245 0x1e64  Drive \Device\Harddisk2\DR2 - Size: 0x73A000000 ( 28.91 Gb ), SectorSize: 0x200, Cylinders: 0xEBD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:10:56.0246 0x1e64  Drive \Device\Harddisk3\DR3 - Size: 0x39D000000 ( 14.45 Gb ), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:10:56.0251 0x1e64  ============================================================
13:10:56.0251 0x1e64  \Device\Harddisk0\DR0:
13:10:56.0251 0x1e64  GPT partitions:
13:10:56.0252 0x1e64  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1C9A29F0-69F8-42FA-9932-565EB05765AD}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x6CF06000
13:10:56.0252 0x1e64  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4B27BD56-CE6E-4449-8D64-6FFDD2E9555E}, Name: Basic data partition, StartLBA 0x6CF06800, BlocksNum 0x7800000
13:10:56.0252 0x1e64  MBR partitions:
13:10:56.0252 0x1e64  \Device\Harddisk1\DR1:
13:10:56.0252 0x1e64  GPT partitions:
13:10:56.0253 0x1e64  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {18524061-D299-4B55-95BA-8AF8F1C7905F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:10:56.0253 0x1e64  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DCF1CB38-C1BC-4C87-99D2-9BC72716023D}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
13:10:56.0253 0x1e64  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {542045F3-6019-4A4E-BAAA-0FEFA7750B36}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0xEB48000
13:10:56.0253 0x1e64  \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3A5ACBD8-EC76-4412-9D53-64DEA1C9A3EE}, Name: Basic data partition, StartLBA 0xEB82800, BlocksNum 0xF9800
13:10:56.0253 0x1e64  \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {38A07336-7CCD-46AB-981D-B9BBDADDAA7D}, Name: Basic data partition, StartLBA 0xEC7C000, BlocksNum 0x200000
13:10:56.0253 0x1e64  MBR partitions:
13:10:56.0253 0x1e64  \Device\Harddisk2\DR2:
13:10:56.0253 0x1e64  MBR partitions:
13:10:56.0253 0x1e64  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x39CF921
13:10:56.0253 0x1e64  \Device\Harddisk3\DR3:
13:10:56.0254 0x1e64  MBR partitions:
13:10:56.0254 0x1e64  \Device\Harddisk3\DR3\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x1CE7881
13:10:56.0254 0x1e64  ============================================================
13:10:56.0254 0x1e64  C: <-> \Device\Harddisk1\DR1\Partition3
13:10:56.0293 0x1e64  D: <-> \Device\Harddisk0\DR0\Partition1
13:10:56.0326 0x1e64  E: <-> \Device\Harddisk0\DR0\Partition2
13:10:56.0326 0x1e64  ============================================================
13:10:56.0326 0x1e64  Initialize success
13:10:56.0326 0x1e64  ============================================================
13:11:24.0094 0x2c24  ============================================================
13:11:24.0094 0x2c24  Scan started
13:11:24.0094 0x2c24  Mode: Manual; SigCheck; TDLFS; 
13:11:24.0094 0x2c24  ============================================================
13:11:24.0094 0x2c24  KSN ping started
13:11:24.0235 0x2c24  KSN ping finished: true
13:11:24.0563 0x2c24  ================ Scan system memory ========================
13:11:24.0563 0x2c24  System memory - ok
13:11:24.0563 0x2c24  ================ Scan services =============================
13:11:24.0609 0x2c24  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
13:11:24.0641 0x2c24  1394ohci - ok
13:11:24.0641 0x2c24  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\windows\system32\drivers\3ware.sys
13:11:24.0656 0x2c24  3ware - ok
13:11:24.0672 0x2c24  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\windows\system32\drivers\ACPI.sys
13:11:24.0688 0x2c24  ACPI - ok
13:11:24.0688 0x2c24  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\windows\System32\drivers\AcpiDev.sys
13:11:24.0703 0x2c24  AcpiDev - ok
13:11:24.0703 0x2c24  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\windows\system32\Drivers\acpiex.sys
13:11:24.0719 0x2c24  acpiex - ok
13:11:24.0719 0x2c24  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
13:11:24.0734 0x2c24  acpipagr - ok
13:11:24.0734 0x2c24  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
13:11:24.0750 0x2c24  AcpiPmi - ok
13:11:24.0750 0x2c24  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\windows\System32\drivers\acpitime.sys
13:11:24.0750 0x2c24  acpitime - ok
13:11:24.0781 0x2c24  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\windows\system32\drivers\ADP80XX.SYS
13:11:24.0813 0x2c24  ADP80XX - ok
13:11:24.0828 0x2c24  [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD             C:\windows\system32\drivers\afd.sys
13:11:24.0844 0x2c24  AFD - ok
13:11:24.0859 0x2c24  [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache         C:\windows\system32\DRIVERS\ahcache.sys
13:11:24.0875 0x2c24  ahcache - ok
13:11:24.0875 0x2c24  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\windows\System32\AJRouter.dll
13:11:24.0891 0x2c24  AJRouter - ok
13:11:24.0891 0x2c24  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\windows\System32\alg.exe
13:11:24.0906 0x2c24  ALG - ok
13:11:24.0906 0x2c24  [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
13:11:24.0938 0x2c24  AMD External Events Utility - ok
13:11:24.0938 0x2c24  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\windows\System32\drivers\amdk8.sys
13:11:24.0953 0x2c24  AmdK8 - ok
13:11:24.0953 0x2c24  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\windows\system32\drivers\amdkmafd.sys
13:11:24.0953 0x2c24  amdkmafd - ok
13:11:24.0969 0x2c24  amdkmdag - ok
13:11:24.0984 0x2c24  [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap        C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys
13:11:25.0000 0x2c24  amdkmdap - ok
13:11:25.0000 0x2c24  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
13:11:25.0016 0x2c24  AmdPPM - ok
13:11:25.0016 0x2c24  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\windows\system32\drivers\amdsata.sys
13:11:25.0031 0x2c24  amdsata - ok
13:11:25.0031 0x2c24  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
13:11:25.0047 0x2c24  amdsbs - ok
13:11:25.0047 0x2c24  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\windows\system32\drivers\amdxata.sys
13:11:25.0063 0x2c24  amdxata - ok
13:11:25.0094 0x2c24  [ 0C891285258A793146DCF286BFEDFF20, 2BF060A4D1C26FBB99229DADFBDBE4C03DE3DE1FA6376948DEC257907CB83442 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
13:11:25.0110 0x2c24  AntiVirMailService - ok
13:11:25.0125 0x2c24  [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
13:11:25.0141 0x2c24  AntiVirSchedulerService - ok
13:11:25.0156 0x2c24  [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
13:11:25.0156 0x2c24  AntiVirService - ok
13:11:25.0188 0x2c24  [ 56B7AEE325CE5EA2BD854899E4E7123B, E25491348675939CB81C0E19A50473C8B13C1CFA1F84305478DD3403E1393800 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
13:11:25.0219 0x2c24  AntiVirWebService - ok
13:11:25.0219 0x2c24  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\windows\system32\drivers\appid.sys
13:11:25.0235 0x2c24  AppID - ok
13:11:25.0235 0x2c24  [ 0A7C202CDBFD295363A09DE1A2C05F45, AB516BB714CAD60994A42710E7747FB50A5890F71BD8880BF86096CC485DE393 ] AppIDSvc        C:\windows\System32\appidsvc.dll
13:11:25.0250 0x2c24  AppIDSvc - ok
13:11:25.0266 0x2c24  [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo         C:\windows\System32\appinfo.dll
13:11:25.0266 0x2c24  Appinfo - ok
13:11:25.0281 0x2c24  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\windows\system32\drivers\applockerfltr.sys
13:11:25.0281 0x2c24  applockerfltr - ok
13:11:25.0297 0x2c24  [ E2B0B9A477C169C466609F866311CD45, 26846DC6BF6ECFD97A7C0714160B870A733E1255779029327C1415D48AF133E6 ] AppReadiness    C:\windows\system32\AppReadiness.dll
13:11:25.0328 0x2c24  AppReadiness - ok
13:11:25.0360 0x2c24  [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc         C:\windows\system32\appxdeploymentserver.dll
13:11:25.0422 0x2c24  AppXSvc - ok
13:11:25.0438 0x2c24  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\windows\system32\drivers\arcsas.sys
13:11:25.0438 0x2c24  arcsas - ok
13:11:25.0438 0x2c24  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\windows\System32\drivers\asyncmac.sys
13:11:25.0453 0x2c24  AsyncMac - ok
13:11:25.0453 0x2c24  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\windows\system32\drivers\atapi.sys
13:11:25.0469 0x2c24  atapi - ok
13:11:25.0469 0x2c24  [ 5903F7756DE3D71DF5094262B4FAAB3C, 78832A7438BCC910FC571CCC62EC03F5F54A6238544F3305CCB1295006F35859 ] AtiHDAudioService C:\windows\system32\drivers\AtihdWT6.sys
13:11:25.0485 0x2c24  AtiHDAudioService - ok
13:11:25.0485 0x2c24  [ 44D50F4B55BEE38C97A6CBECEBC59384, 43C35E5547E5180B25726F90E0B94149DE1099FD507A6357A6A284A2749433F3 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
13:11:25.0500 0x2c24  AudioEndpointBuilder - ok
13:11:25.0531 0x2c24  [ 36A9B38EA06A8C14CC82E0C8004A6635, 959E6B359D89E112976AF488F2756F770B491AE53ED07E9D31B4A3D8A7F33C80 ] Audiosrv        C:\windows\System32\Audiosrv.dll
13:11:25.0547 0x2c24  Audiosrv - ok
13:11:25.0563 0x2c24  [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt        C:\windows\system32\DRIVERS\avgntflt.sys
13:11:25.0563 0x2c24  avgntflt - ok
13:11:25.0578 0x2c24  [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb          C:\windows\system32\DRIVERS\avipbb.sys
13:11:25.0578 0x2c24  avipbb - ok
13:11:25.0594 0x2c24  [ 64943D597895DE755A58EE46402932F3, 11D6668F325A5C8343C533BC037AD38019EA6F8E84FB15639B16BD3113F73C8D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
13:11:25.0610 0x2c24  Avira.ServiceHost - ok
13:11:25.0610 0x2c24  [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr          C:\windows\system32\DRIVERS\avkmgr.sys
13:11:25.0610 0x2c24  avkmgr - ok
13:11:25.0625 0x2c24  [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt        C:\windows\system32\DRIVERS\avnetflt.sys
13:11:25.0625 0x2c24  avnetflt - ok
13:11:25.0625 0x2c24  [ 4B2469B9858FF03AA83947A05BE60447, ECA58D0DD3512251F1DB265B388E01923CDC87C5FB2521366004A637D7C93AAF ] AvrcpService    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
13:11:25.0641 0x2c24  AvrcpService - ok
13:11:25.0641 0x2c24  [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt        C:\windows\system32\Drivers\avusbflt.sys
13:11:25.0641 0x2c24  avusbflt - ok
13:11:25.0656 0x2c24  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\windows\System32\AxInstSV.dll
13:11:25.0656 0x2c24  AxInstSV - ok
13:11:25.0672 0x2c24  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
13:11:25.0688 0x2c24  b06bdrv - ok
13:11:25.0703 0x2c24  [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
13:11:25.0703 0x2c24  BasicDisplay - ok
13:11:25.0719 0x2c24  [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
13:11:25.0719 0x2c24  BasicRender - ok
13:11:25.0719 0x2c24  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\windows\System32\drivers\bcmfn.sys
13:11:25.0735 0x2c24  bcmfn - ok
13:11:25.0735 0x2c24  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\windows\System32\drivers\bcmfn2.sys
13:11:25.0750 0x2c24  bcmfn2 - ok
13:11:25.0750 0x2c24  [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC          C:\windows\System32\bdesvc.dll
13:11:25.0781 0x2c24  BDESVC - ok
13:11:25.0781 0x2c24  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\windows\system32\drivers\Beep.sys
13:11:25.0781 0x2c24  Beep - ok
13:11:25.0813 0x2c24  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\windows\System32\bfe.dll
13:11:25.0828 0x2c24  BFE - ok
13:11:25.0860 0x2c24  [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS            C:\windows\System32\qmgr.dll
13:11:25.0891 0x2c24  BITS - ok
13:11:25.0891 0x2c24  [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
13:11:25.0906 0x2c24  bowser - ok
13:11:25.0922 0x2c24  [ 82A93A0772A29EB6E41438D9AE5ECDBD, 2C0EBA86DA33B763B6EBCF3D0A936FB92E0F36FD3D18D0812A33FC5FF1906C3C ] BrokerInfrastructure C:\windows\System32\bisrv.dll
13:11:25.0953 0x2c24  BrokerInfrastructure - ok
13:11:25.0953 0x2c24  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\windows\System32\browser.dll
13:11:25.0969 0x2c24  Browser - ok
13:11:25.0969 0x2c24  [ 2F860584C523300AEC6B22F1A46FF044, 803AFA0E6B957AEA9BBE7CC534E9576B9467B8FF9AE2479C3189D7BFC51E17A7 ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
13:11:25.0985 0x2c24  BTDevManager - ok
13:11:25.0985 0x2c24  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
13:11:26.0000 0x2c24  BthAvrcpTg - ok
13:11:26.0000 0x2c24  [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
13:11:26.0016 0x2c24  BthEnum - ok
13:11:26.0016 0x2c24  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
13:11:26.0031 0x2c24  BthHFEnum - ok
13:11:26.0031 0x2c24  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
13:11:26.0047 0x2c24  bthhfhid - ok
13:11:26.0047 0x2c24  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\windows\System32\BthHFSrv.dll
13:11:26.0063 0x2c24  BthHFSrv - ok
13:11:26.0078 0x2c24  [ 164C495A72CF56BE2E47C9FA455B57D1, 034EF89B04F639E2538BA85BB5262A2E230A4CE29E0CC982B6E014F0D299A88E ] BthLEEnum       C:\windows\System32\drivers\BthLEEnum.sys
13:11:26.0094 0x2c24  BthLEEnum - ok
13:11:26.0094 0x2c24  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
13:11:26.0110 0x2c24  BTHMODEM - ok
13:11:26.0110 0x2c24  [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan          C:\windows\System32\drivers\bthpan.sys
13:11:26.0125 0x2c24  BthPan - ok
13:11:26.0141 0x2c24  [ 34C35293F5A3DEFEC59DBCD7BD4C17D0, B1F39B8E348BDF936ED4C9544712A8A103D02B039658A98C0C465249769C7D20 ] BTHPORT         C:\windows\System32\drivers\BTHport.sys
13:11:26.0172 0x2c24  BTHPORT - ok
13:11:26.0188 0x2c24  [ 577FFA2B0B8572587FEB825F42453E81, D1BA449B7A535D0F6BC2EDE75D2CBA585E3A00FE552E244F342FB4ACA029A9A5 ] bthserv         C:\windows\system32\bthserv.dll
13:11:26.0188 0x2c24  bthserv - ok
13:11:26.0203 0x2c24  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\windows\System32\drivers\BTHUSB.sys
13:11:26.0203 0x2c24  BTHUSB - ok
13:11:26.0219 0x2c24  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\windows\System32\drivers\buttonconverter.sys
13:11:26.0219 0x2c24  buttonconverter - ok
13:11:26.0235 0x2c24  [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg          C:\windows\System32\drivers\capimg.sys
13:11:26.0235 0x2c24  CapImg - ok
13:11:26.0250 0x2c24  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
13:11:26.0250 0x2c24  cdfs - ok
13:11:26.0266 0x2c24  [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc          C:\windows\System32\CDPSvc.dll
13:11:26.0281 0x2c24  CDPSvc - ok
13:11:26.0297 0x2c24  [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc      C:\windows\System32\CDPUserSvc.dll
13:11:26.0313 0x2c24  CDPUserSvc - ok
13:11:26.0313 0x2c24  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\windows\System32\drivers\cdrom.sys
13:11:26.0328 0x2c24  cdrom - ok
13:11:26.0344 0x2c24  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc     C:\windows\System32\certprop.dll
13:11:26.0360 0x2c24  CertPropSvc - ok
13:11:26.0360 0x2c24  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
13:11:26.0360 0x2c24  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
13:11:26.0563 0x2c24  Detect skipped due to KSN trusted
13:11:26.0563 0x2c24  chip1click - ok
13:11:26.0563 0x2c24  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\windows\system32\drivers\cht4sx64.sys
13:11:26.0579 0x2c24  cht4iscsi - ok
13:11:26.0626 0x2c24  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\windows\System32\drivers\cht4vx64.sys
13:11:26.0672 0x2c24  cht4vbd - ok
13:11:26.0672 0x2c24  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\windows\System32\drivers\circlass.sys
13:11:26.0688 0x2c24  circlass - ok
13:11:26.0704 0x2c24  [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS            C:\windows\system32\drivers\CLFS.sys
13:11:26.0704 0x2c24  CLFS - ok
13:11:26.0782 0x2c24  [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:11:26.0844 0x2c24  ClickToRunSvc - ok
13:11:26.0876 0x2c24  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\windows\System32\ClipSVC.dll
13:11:26.0891 0x2c24  ClipSVC - ok
13:11:26.0891 0x2c24  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\windows\System32\drivers\registry.sys
13:11:26.0907 0x2c24  clreg - ok
13:11:26.0922 0x2c24  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\windows\system32\DRIVERS\CLVirtualDrive.sys
13:11:26.0922 0x2c24  CLVirtualDrive - ok
13:11:26.0922 0x2c24  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
13:11:26.0938 0x2c24  CmBatt - ok
13:11:26.0954 0x2c24  [ D7D1A078B0CBC042ACE81E7B0B082994, 4DE92876176C2F82A59B74CA1FAAE7A5CE84C90A505A52A737C631D7120E31A4 ] CNG             C:\windows\system32\Drivers\cng.sys
13:11:26.0969 0x2c24  CNG - ok
13:11:26.0969 0x2c24  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\windows\system32\DRIVERS\cnghwassist.sys
13:11:26.0985 0x2c24  cnghwassist - ok
13:11:26.0985 0x2c24  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
13:11:27.0001 0x2c24  CompositeBus - ok
13:11:27.0001 0x2c24  COMSysApp - ok
13:11:27.0001 0x2c24  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\windows\system32\drivers\condrv.sys
13:11:27.0016 0x2c24  condrv - ok
13:11:27.0032 0x2c24  [ BE8478598F5D6FF600CC13DBA188F81C, 5D78E1F6F5F4AB77518F9B7DA904E6B97EA7B01D45B043939B048DF019FE49A6 ] CoreMessagingRegistrar C:\windows\system32\coremessaging.dll
13:11:27.0063 0x2c24  CoreMessagingRegistrar - ok
13:11:27.0063 0x2c24  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\windows\system32\cryptsvc.dll
13:11:27.0079 0x2c24  CryptSvc - ok
13:11:27.0079 0x2c24  [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam             C:\windows\system32\drivers\dam.sys
13:11:27.0079 0x2c24  dam - ok
13:11:27.0110 0x2c24  [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] DcomLaunch      C:\windows\system32\rpcss.dll
13:11:27.0141 0x2c24  DcomLaunch - ok
13:11:27.0141 0x2c24  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\windows\system32\dcpsvc.dll
13:11:27.0157 0x2c24  DcpSvc - ok
13:11:27.0172 0x2c24  [ 81E2868A789D9C96290240CC03A48E75, 2B57A4FD762601414CB99F942BF11CF43343220EF042A8A6182CEB655DFF076C ] debugregsvc     C:\windows\System32\debugregsvc.dll
13:11:27.0172 0x2c24  debugregsvc - ok
13:11:27.0188 0x2c24  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\windows\System32\defragsvc.dll
13:11:27.0204 0x2c24  defragsvc - ok
13:11:27.0219 0x2c24  [ 019DA7A799EC6044AF6AD4E6210C1B91, B897E068BC4A16E95E5355A51C577A27125F01432B5559993CEBEC68A94B6EA7 ] DeveloperToolsService C:\Windows\System32\DeveloperToolsSvc.exe
13:11:27.0219 0x2c24  DeveloperToolsService - ok
13:11:27.0235 0x2c24  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\windows\system32\das.dll
13:11:27.0266 0x2c24  DeviceAssociationService - ok
13:11:27.0266 0x2c24  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
13:11:27.0282 0x2c24  DeviceInstall - ok
13:11:27.0282 0x2c24  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\windows\system32\DevQueryBroker.dll
13:11:27.0298 0x2c24  DevQueryBroker - ok
13:11:27.0298 0x2c24  [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
13:11:27.0313 0x2c24  Dfsc - ok
13:11:27.0313 0x2c24  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
13:11:27.0329 0x2c24  dg_ssudbus - ok
13:11:27.0329 0x2c24  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\windows\system32\dhcpcore.dll
13:11:27.0344 0x2c24  Dhcp - ok
13:11:27.0360 0x2c24  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:11:27.0360 0x2c24  diagnosticshub.standardcollector.service - ok
13:11:27.0391 0x2c24  [ 22391290BB9D3ED68950672E42B6F3F0, C4DC2DD3CF1564181377A67AB7E08DEFB377D4AE51956A4F27CE46C038D04AFE ] DiagTrack       C:\windows\system32\diagtrack.dll
13:11:27.0454 0x2c24  DiagTrack - ok
13:11:27.0454 0x2c24  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\windows\system32\drivers\disk.sys
13:11:27.0469 0x2c24  disk - ok
13:11:27.0485 0x2c24  [ 527CE76D1B0587A3F9156809B3E2275E, 6FAB680F73774F3FAA65258D53DC8ADCDAEE2ABDDF825ED79F9526DC3B9B7312 ] DmEnrollmentSvc C:\windows\system32\Windows.Internal.Management.dll
13:11:27.0501 0x2c24  DmEnrollmentSvc - ok
13:11:27.0501 0x2c24  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
13:11:27.0516 0x2c24  dmvsc - ok
13:11:27.0516 0x2c24  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\windows\system32\dmwappushsvc.dll
13:11:27.0532 0x2c24  dmwappushservice - ok
13:11:27.0548 0x2c24  [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache        C:\windows\System32\dnsrslvr.dll
13:11:27.0563 0x2c24  Dnscache - ok
13:11:27.0563 0x2c24  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\windows\System32\dot3svc.dll
13:11:27.0579 0x2c24  dot3svc - ok
13:11:27.0579 0x2c24  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\windows\system32\dps.dll
13:11:27.0594 0x2c24  DPS - ok
13:11:27.0594 0x2c24  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\windows\system32\DRIVERS\drmkaud.sys
13:11:27.0610 0x2c24  drmkaud - ok
13:11:27.0610 0x2c24  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
13:11:27.0626 0x2c24  DsmSvc - ok
13:11:27.0641 0x2c24  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\windows\System32\DsSvc.dll
13:11:27.0657 0x2c24  DsSvc - ok
13:11:27.0688 0x2c24  [ 4CECF7C7BFBF95647FEC49475555BFB2, B914ADC19CA4A4EEE83AE560A5CCE2E21A3D9568E5961BEFAD7B455930FB0AB9 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
13:11:27.0735 0x2c24  DXGKrnl - ok
13:11:27.0751 0x2c24  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\windows\System32\eapsvc.dll
13:11:27.0766 0x2c24  EapHost - ok
13:11:27.0813 0x2c24  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\windows\system32\drivers\evbda.sys
13:11:27.0891 0x2c24  ebdrv - ok
13:11:27.0891 0x2c24  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS             C:\windows\System32\lsass.exe
13:11:27.0907 0x2c24  EFS - ok
13:11:27.0907 0x2c24  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
13:11:27.0923 0x2c24  EhStorClass - ok
13:11:27.0923 0x2c24  [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
13:11:27.0938 0x2c24  EhStorTcgDrv - ok
13:11:27.0938 0x2c24  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\windows\System32\embeddedmodesvc.dll
13:11:27.0954 0x2c24  embeddedmode - ok
13:11:27.0954 0x2c24  [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc       C:\windows\system32\EnterpriseAppMgmtSvc.dll
13:11:27.0969 0x2c24  EntAppSvc - ok
13:11:27.0985 0x2c24  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\windows\System32\drivers\errdev.sys
13:11:27.0985 0x2c24  ErrDev - ok
13:11:28.0001 0x2c24  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\windows\system32\es.dll
13:11:28.0016 0x2c24  EventSystem - ok
13:11:28.0032 0x2c24  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\windows\system32\drivers\exfat.sys
13:11:28.0048 0x2c24  exfat - ok
13:11:28.0063 0x2c24  [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat         C:\windows\system32\drivers\fastfat.sys
13:11:28.0079 0x2c24  fastfat - ok
13:11:28.0079 0x2c24  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\windows\system32\fxssvc.exe
13:11:28.0110 0x2c24  Fax - ok
13:11:28.0110 0x2c24  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\windows\System32\drivers\fdc.sys
13:11:28.0126 0x2c24  fdc - ok
13:11:28.0126 0x2c24  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\windows\system32\fdPHost.dll
13:11:28.0141 0x2c24  fdPHost - ok
13:11:28.0141 0x2c24  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\windows\system32\fdrespub.dll
13:11:28.0157 0x2c24  FDResPub - ok
13:11:28.0157 0x2c24  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\windows\system32\fhsvc.dll
13:11:28.0173 0x2c24  fhsvc - ok
13:11:28.0173 0x2c24  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\windows\system32\drivers\filecrypt.sys
13:11:28.0188 0x2c24  FileCrypt - ok
13:11:28.0188 0x2c24  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
13:11:28.0204 0x2c24  FileInfo - ok
13:11:28.0204 0x2c24  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\windows\system32\drivers\filetrace.sys
13:11:28.0219 0x2c24  Filetrace - ok
13:11:28.0219 0x2c24  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
13:11:28.0219 0x2c24  flpydisk - ok
13:11:28.0235 0x2c24  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
13:11:28.0251 0x2c24  FltMgr - ok
13:11:28.0282 0x2c24  [ 81C8AA35C92D3A5E82477DF00DEDCBFD, F825641B3DD12C35657DC6F05C3A3CF2821D3525CF51E376E678B5FD45AD664E ] FontCache       C:\windows\system32\FntCache.dll
13:11:28.0329 0x2c24  FontCache - ok
13:11:28.0344 0x2c24  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:11:28.0344 0x2c24  FontCache3.0.0.0 - ok
13:11:28.0360 0x2c24  [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer     C:\windows\system32\FrameServer.dll
13:11:28.0391 0x2c24  FrameServer - ok
13:11:28.0391 0x2c24  [ B07A40B5A7A58B8C75663A572A46084C, 01F34EAFD4A86FF6AFC015BE2D155A53ED8186BD6DA1A05CCEC8425417A8E320 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
13:11:28.0407 0x2c24  FsDepends - ok
13:11:28.0407 0x2c24  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
13:11:28.0407 0x2c24  Fs_Rec - ok
13:11:28.0423 0x2c24  [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
13:11:28.0438 0x2c24  fvevol - ok
13:11:28.0454 0x2c24  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
13:11:28.0454 0x2c24  gencounter - ok
13:11:28.0454 0x2c24  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\windows\System32\drivers\genericusbfn.sys
13:11:28.0470 0x2c24  genericusbfn - ok
13:11:28.0470 0x2c24  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
13:11:28.0485 0x2c24  GPIOClx0101 - ok
13:11:28.0501 0x2c24  [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc           C:\windows\System32\gpsvc.dll
13:11:28.0548 0x2c24  gpsvc - ok
13:11:28.0548 0x2c24  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\windows\system32\drivers\gpuenergydrv.sys
13:11:28.0563 0x2c24  GpuEnergyDrv - ok
13:11:28.0563 0x2c24  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\windows\system32\DRIVERS\HdAudio.sys
13:11:28.0579 0x2c24  HdAudAddService - ok
13:11:28.0595 0x2c24  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
13:11:28.0595 0x2c24  HDAudBus - ok
13:11:28.0610 0x2c24  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
13:11:28.0610 0x2c24  HidBatt - ok
13:11:28.0610 0x2c24  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\windows\System32\drivers\hidbth.sys
13:11:28.0626 0x2c24  HidBth - ok
13:11:28.0626 0x2c24  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
13:11:28.0641 0x2c24  hidi2c - ok
13:11:28.0641 0x2c24  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\windows\System32\drivers\hidinterrupt.sys
13:11:28.0657 0x2c24  hidinterrupt - ok
13:11:28.0657 0x2c24  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\windows\System32\drivers\hidir.sys
13:11:28.0657 0x2c24  HidIr - ok
13:11:28.0673 0x2c24  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\windows\system32\hidserv.dll
13:11:28.0673 0x2c24  hidserv - ok
13:11:28.0673 0x2c24  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\windows\System32\drivers\hidusb.sys
13:11:28.0688 0x2c24  HidUsb - ok
13:11:28.0688 0x2c24  [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\windows\system32\ListSvc.dll
13:11:28.0704 0x2c24  HomeGroupListener - ok
13:11:28.0720 0x2c24  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\windows\system32\provsvc.dll
13:11:28.0751 0x2c24  HomeGroupProvider - ok
13:11:28.0751 0x2c24  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
13:11:28.0766 0x2c24  HpSAMD - ok
13:11:28.0782 0x2c24  [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP            C:\windows\system32\drivers\HTTP.sys
13:11:28.0813 0x2c24  HTTP - ok
13:11:28.0813 0x2c24  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\windows\System32\hvhostsvc.dll
13:11:28.0829 0x2c24  HvHost - ok
13:11:28.0829 0x2c24  [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice       C:\windows\system32\drivers\hvservice.sys
13:11:28.0845 0x2c24  hvservice - ok
13:11:28.0845 0x2c24  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
13:11:28.0860 0x2c24  hwpolicy - ok
13:11:28.0860 0x2c24  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
13:11:28.0860 0x2c24  hyperkbd - ok
13:11:28.0876 0x2c24  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
13:11:28.0876 0x2c24  i8042prt - ok
13:11:28.0891 0x2c24  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\windows\System32\drivers\iagpio.sys
13:11:28.0891 0x2c24  iagpio - ok
13:11:28.0891 0x2c24  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\windows\System32\drivers\iai2c.sys
13:11:28.0907 0x2c24  iai2c - ok
13:11:28.0907 0x2c24  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\windows\System32\drivers\iaLPSS2i_GPIO2.sys
13:11:28.0923 0x2c24  iaLPSS2i_GPIO2 - ok
13:11:28.0923 0x2c24  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\windows\System32\drivers\iaLPSS2i_I2C.sys
13:11:28.0938 0x2c24  iaLPSS2i_I2C - ok
13:11:28.0938 0x2c24  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\windows\System32\drivers\iaLPSSi_GPIO.sys
13:11:28.0954 0x2c24  iaLPSSi_GPIO - ok
13:11:28.0954 0x2c24  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\windows\System32\drivers\iaLPSSi_I2C.sys
13:11:28.0970 0x2c24  iaLPSSi_I2C - ok
13:11:29.0001 0x2c24  [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
13:11:29.0032 0x2c24  iaStorA - ok
13:11:29.0048 0x2c24  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\windows\system32\drivers\iaStorAV.sys
13:11:29.0063 0x2c24  iaStorAV - ok
13:11:29.0063 0x2c24  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:11:29.0079 0x2c24  IAStorDataMgrSvc - ok
13:11:29.0079 0x2c24  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
13:11:29.0095 0x2c24  iaStorV - ok
13:11:29.0110 0x2c24  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\windows\System32\drivers\ibbus.sys
13:11:29.0126 0x2c24  ibbus - ok
13:11:29.0141 0x2c24  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\windows\System32\tetheringservice.dll
13:11:29.0157 0x2c24  icssvc - ok
13:11:29.0173 0x2c24  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\windows\System32\ikeext.dll
13:11:29.0204 0x2c24  IKEEXT - ok
13:11:29.0204 0x2c24  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\windows\System32\drivers\IndirectKmd.sys
13:11:29.0220 0x2c24  IndirectKmd - ok
13:11:29.0298 0x2c24  [ C6A9ED651EEE9D9847C3DF16A04D2555, F8DE509CF89FE3D0102CB583D1150A602E2C37F1277239CFC081EC1825864899 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
13:11:29.0376 0x2c24  IntcAzAudAddService - ok
13:11:29.0391 0x2c24  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:11:29.0407 0x2c24  Intel(R) Capability Licensing Service TCP IP Interface - ok
13:11:29.0423 0x2c24  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
13:11:29.0438 0x2c24  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
13:11:29.0563 0x2c24  Detect skipped due to KSN trusted
13:11:29.0563 0x2c24  Intel(R) Security Assist - ok
13:11:29.0563 0x2c24  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\windows\system32\drivers\intelide.sys
13:11:29.0579 0x2c24  intelide - ok
13:11:29.0595 0x2c24  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\windows\system32\drivers\intelpep.sys
13:11:29.0595 0x2c24  intelpep - ok
13:11:29.0595 0x2c24  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\windows\System32\drivers\intelppm.sys
13:11:29.0610 0x2c24  intelppm - ok
13:11:29.0610 0x2c24  [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate          C:\windows\system32\drivers\iorate.sys
13:11:29.0626 0x2c24  iorate - ok
13:11:29.0626 0x2c24  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
13:11:29.0642 0x2c24  IpFilterDriver - ok
13:11:29.0657 0x2c24  [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
13:11:29.0688 0x2c24  iphlpsvc - ok
13:11:29.0688 0x2c24  [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
13:11:29.0704 0x2c24  IPMIDRV - ok
13:11:29.0704 0x2c24  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\windows\system32\drivers\ipnat.sys
13:11:29.0720 0x2c24  IPNAT - ok
13:11:29.0735 0x2c24  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\windows\system32\drivers\irda.sys
13:11:29.0735 0x2c24  irda - ok
13:11:29.0751 0x2c24  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\windows\system32\drivers\irenum.sys
13:11:29.0751 0x2c24  IRENUM - ok
13:11:29.0751 0x2c24  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\windows\System32\irmon.dll
13:11:29.0767 0x2c24  irmon - ok
13:11:29.0767 0x2c24  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
13:11:29.0767 0x2c24  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:11:29.0892 0x2c24  Detect skipped due to KSN trusted
13:11:29.0892 0x2c24  isaHelperSvc - ok
13:11:29.0892 0x2c24  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\windows\system32\drivers\isapnp.sys
13:11:29.0907 0x2c24  isapnp - ok
13:11:29.0907 0x2c24  [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
13:11:29.0923 0x2c24  iScsiPrt - ok
13:11:29.0938 0x2c24  [ B880708020E0282C788288A4D5F70B22, 2A532804F22950B6A41BB34BF6C8BE4227A551ECF2E002E2BE0D94160C236DEB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:11:29.0938 0x2c24  jhi_service - ok
13:11:29.0938 0x2c24  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
13:11:29.0954 0x2c24  kbdclass - ok
13:11:29.0954 0x2c24  [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
13:11:29.0970 0x2c24  kbdhid - ok
13:11:29.0970 0x2c24  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\windows\System32\drivers\kdnic.sys
13:11:29.0985 0x2c24  kdnic - ok
13:11:29.0985 0x2c24  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso          C:\windows\system32\lsass.exe
13:11:30.0001 0x2c24  KeyIso - ok
13:11:30.0001 0x2c24  [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
13:11:30.0017 0x2c24  KSecDD - ok
13:11:30.0017 0x2c24  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
13:11:30.0032 0x2c24  KSecPkg - ok
13:11:30.0032 0x2c24  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
13:11:30.0048 0x2c24  ksthunk - ok
13:11:30.0063 0x2c24  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\windows\system32\msdtckrm.dll
13:11:30.0079 0x2c24  KtmRm - ok
13:11:30.0079 0x2c24  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\windows\system32\srvsvc.dll
13:11:30.0110 0x2c24  LanmanServer - ok
13:11:30.0110 0x2c24  [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
13:11:30.0142 0x2c24  LanmanWorkstation - ok
13:11:30.0142 0x2c24  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\windows\System32\lfsvc.dll
13:11:30.0157 0x2c24  lfsvc - ok
13:11:30.0157 0x2c24  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\windows\system32\LicenseManagerSvc.dll
13:11:30.0157 0x2c24  LicenseManager - ok
13:11:30.0173 0x2c24  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\windows\system32\drivers\lltdio.sys
13:11:30.0173 0x2c24  lltdio - ok
13:11:30.0188 0x2c24  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\windows\System32\lltdsvc.dll
13:11:30.0204 0x2c24  lltdsvc - ok
13:11:30.0204 0x2c24  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\windows\System32\lmhsvc.dll
13:11:30.0220 0x2c24  lmhosts - ok
13:11:30.0220 0x2c24  [ 4A99BAE8FE85FCD1F5AD4B0A4B38146A, 0F7F08614AF7C1E330FFE01F4546CA2E2E04F0FB49E813398A0C7939A7031684 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:11:30.0235 0x2c24  LMS - ok
13:11:30.0251 0x2c24  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
13:11:30.0251 0x2c24  LSI_SAS - ok
13:11:30.0267 0x2c24  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\windows\system32\drivers\lsi_sas2i.sys
13:11:30.0267 0x2c24  LSI_SAS2i - ok
13:11:30.0282 0x2c24  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\windows\system32\drivers\lsi_sas3i.sys
13:11:30.0282 0x2c24  LSI_SAS3i - ok
13:11:30.0282 0x2c24  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
13:11:30.0298 0x2c24  LSI_SSS - ok
13:11:30.0313 0x2c24  [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM             C:\windows\System32\lsm.dll
13:11:30.0345 0x2c24  LSM - ok
13:11:30.0345 0x2c24  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\windows\system32\drivers\luafv.sys
13:11:30.0360 0x2c24  luafv - ok
13:11:30.0360 0x2c24  [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker      C:\windows\System32\moshost.dll
13:11:30.0376 0x2c24  MapsBroker - ok
13:11:30.0376 0x2c24  mccspsvc - ok
13:11:30.0376 0x2c24  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\windows\system32\drivers\megasas.sys
13:11:30.0392 0x2c24  megasas - ok
13:11:30.0392 0x2c24  [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i       C:\windows\system32\drivers\MegaSas2i.sys
13:11:30.0407 0x2c24  megasas2i - ok
13:11:30.0423 0x2c24  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\windows\system32\drivers\megasr.sys
13:11:30.0438 0x2c24  megasr - ok
13:11:30.0438 0x2c24  [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64          C:\windows\System32\drivers\TeeDriverW8x64.sys
13:11:30.0454 0x2c24  MEIx64 - ok
13:11:30.0454 0x2c24  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\windows\System32\MessagingService.dll
13:11:30.0470 0x2c24  MessagingService - ok
13:11:30.0485 0x2c24  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\windows\System32\drivers\mlx4_bus.sys
13:11:30.0517 0x2c24  mlx4_bus - ok
13:11:30.0517 0x2c24  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\windows\system32\drivers\mmcss.sys
13:11:30.0517 0x2c24  MMCSS - ok
13:11:30.0532 0x2c24  [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem           C:\windows\system32\drivers\modem.sys
13:11:30.0532 0x2c24  Modem - ok
13:11:30.0548 0x2c24  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\windows\System32\drivers\monitor.sys
13:11:30.0548 0x2c24  monitor - ok
13:11:30.0548 0x2c24  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\windows\System32\drivers\mouclass.sys
13:11:30.0563 0x2c24  mouclass - ok
13:11:30.0563 0x2c24  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\windows\System32\drivers\mouhid.sys
13:11:30.0579 0x2c24  mouhid - ok
13:11:30.0579 0x2c24  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
13:11:30.0595 0x2c24  mountmgr - ok
13:11:30.0595 0x2c24  [ 65C0F9AE99ECCCA7C5C3CEFA7ED80904, AABEBEAED256318B5B8C1BC36A2E365CB942ED591C78E78EC6C55EF94A522342 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:11:30.0595 0x2c24  MozillaMaintenance - ok
13:11:30.0610 0x2c24  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
13:11:30.0610 0x2c24  mpsdrv - ok
13:11:30.0642 0x2c24  [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc          C:\windows\system32\mpssvc.dll
13:11:30.0673 0x2c24  MpsSvc - ok
13:11:30.0673 0x2c24  [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
13:11:30.0688 0x2c24  MRxDAV - ok
13:11:30.0688 0x2c24  [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
13:11:30.0720 0x2c24  mrxsmb - ok
13:11:30.0720 0x2c24  [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
13:11:30.0735 0x2c24  mrxsmb10 - ok
13:11:30.0751 0x2c24  [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
13:11:30.0751 0x2c24  mrxsmb20 - ok
13:11:30.0767 0x2c24  [ BEF575A5A8EC38F3BA6DB68D3CFFBD9A, 86D0BDD22430092CE1E11A7A2948725746DD848F5DF6F94808D8F0919BDF787C ] MsBridge        C:\windows\system32\drivers\bridge.sys
13:11:30.0767 0x2c24  MsBridge - ok
13:11:30.0782 0x2c24  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\windows\System32\msdtc.exe
13:11:30.0798 0x2c24  MSDTC - ok
13:11:30.0798 0x2c24  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\windows\system32\drivers\Msfs.sys
13:11:30.0798 0x2c24  Msfs - ok
13:11:30.0814 0x2c24  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
13:11:30.0814 0x2c24  msgpiowin32 - ok
13:11:30.0814 0x2c24  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
13:11:30.0829 0x2c24  mshidkmdf - ok
13:11:30.0829 0x2c24  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
13:11:30.0845 0x2c24  mshidumdf - ok
13:11:30.0845 0x2c24  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
13:11:30.0860 0x2c24  msisadrv - ok
13:11:30.0860 0x2c24  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\windows\system32\iscsiexe.dll
13:11:30.0876 0x2c24  MSiSCSI - ok
13:11:30.0876 0x2c24  msiserver - ok
13:11:30.0876 0x2c24  [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV         C:\windows\system32\DRIVERS\MSKSSRV.sys
13:11:30.0892 0x2c24  MSKSSRV - ok
13:11:30.0892 0x2c24  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\windows\system32\drivers\mslldp.sys
13:11:30.0907 0x2c24  MsLldp - ok
13:11:30.0907 0x2c24  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\windows\system32\DRIVERS\MSPCLOCK.sys
13:11:30.0923 0x2c24  MSPCLOCK - ok
13:11:30.0923 0x2c24  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\windows\system32\DRIVERS\MSPQM.sys
13:11:30.0939 0x2c24  MSPQM - ok
13:11:30.0939 0x2c24  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
13:11:30.0954 0x2c24  MsRPC - ok
13:11:30.0954 0x2c24  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
13:11:30.0970 0x2c24  mssmbios - ok
13:11:30.0970 0x2c24  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\windows\system32\DRIVERS\MSTEE.sys
13:11:30.0985 0x2c24  MSTEE - ok
13:11:30.0985 0x2c24  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
13:11:31.0001 0x2c24  MTConfig - ok
13:11:31.0001 0x2c24  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\windows\system32\Drivers\mup.sys
13:11:31.0017 0x2c24  Mup - ok
13:11:31.0017 0x2c24  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\windows\system32\drivers\mvumis.sys
13:11:31.0032 0x2c24  mvumis - ok
13:11:31.0032 0x2c24  [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
13:11:31.0064 0x2c24  NativeWifiP - ok
13:11:31.0064 0x2c24  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\windows\System32\ncasvc.dll
13:11:31.0079 0x2c24  NcaSvc - ok
13:11:31.0095 0x2c24  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\windows\System32\ncbservice.dll
13:11:31.0110 0x2c24  NcbService - ok
13:11:31.0110 0x2c24  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
13:11:31.0142 0x2c24  NcdAutoSetup - ok
13:11:31.0142 0x2c24  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\windows\System32\drivers\ndfltr.sys
13:11:31.0142 0x2c24  ndfltr - ok
13:11:31.0173 0x2c24  [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS            C:\windows\system32\drivers\ndis.sys
13:11:31.0204 0x2c24  NDIS - ok
13:11:31.0204 0x2c24  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\windows\system32\drivers\ndiscap.sys
13:11:31.0220 0x2c24  NdisCap - ok
13:11:31.0220 0x2c24  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\windows\system32\drivers\NdisImPlatform.sys
13:11:31.0235 0x2c24  NdisImPlatform - ok
13:11:31.0235 0x2c24  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
13:11:31.0251 0x2c24  NdisTapi - ok
13:11:31.0251 0x2c24  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\windows\system32\drivers\ndisuio.sys
13:11:31.0267 0x2c24  Ndisuio - ok
13:11:31.0267 0x2c24  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\windows\System32\drivers\NdisVirtualBus.sys
13:11:31.0282 0x2c24  NdisVirtualBus - ok
13:11:31.0282 0x2c24  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\windows\System32\drivers\ndiswan.sys
13:11:31.0298 0x2c24  NdisWan - ok
13:11:31.0314 0x2c24  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\windows\system32\DRIVERS\ndiswan.sys
13:11:31.0329 0x2c24  ndiswanlegacy - ok
13:11:31.0329 0x2c24  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\windows\system32\DRIVERS\NDProxy.sys
13:11:31.0345 0x2c24  ndproxy - ok
13:11:31.0345 0x2c24  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\windows\system32\drivers\Ndu.sys
13:11:31.0360 0x2c24  Ndu - ok
13:11:31.0360 0x2c24  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\windows\system32\drivers\NetAdapterCx.sys
13:11:31.0376 0x2c24  NetAdapterCx - ok
13:11:31.0376 0x2c24  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\windows\system32\drivers\netbios.sys
13:11:31.0392 0x2c24  NetBIOS - ok
13:11:31.0392 0x2c24  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
13:11:31.0407 0x2c24  NetBT - ok
13:11:31.0407 0x2c24  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon        C:\windows\system32\lsass.exe
13:11:31.0423 0x2c24  Netlogon - ok
13:11:31.0439 0x2c24  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\windows\System32\netman.dll
13:11:31.0454 0x2c24  Netman - ok
13:11:31.0454 0x2c24  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\windows\System32\netprofmsvc.dll
13:11:31.0485 0x2c24  netprofm - ok
13:11:31.0485 0x2c24  [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc     C:\windows\System32\NetSetupSvc.dll
13:11:31.0501 0x2c24  NetSetupSvc - ok
13:11:31.0517 0x2c24  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:11:31.0532 0x2c24  NetTcpPortSharing - ok
13:11:31.0548 0x2c24  [ 589882D9779C262F10C509BA458746E4, 85A964D69C50602CEE86DA4523D635962DE6526BE425A940340039979D511BA0 ] NgcCtnrSvc      C:\windows\System32\NgcCtnrSvc.dll
13:11:31.0564 0x2c24  NgcCtnrSvc - ok
13:11:31.0579 0x2c24  [ 56D1846C49F2D2B0110535AD8C90C0E4, 33C59489919A334E18A971F983E93E4A69FCD243BD06B45BC9A4F5CA224A976B ] NgcSvc          C:\windows\system32\ngcsvc.dll
13:11:31.0610 0x2c24  NgcSvc - ok
13:11:31.0626 0x2c24  [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc          C:\windows\System32\nlasvc.dll
13:11:31.0642 0x2c24  NlaSvc - ok
13:11:31.0642 0x2c24  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\windows\system32\drivers\Npfs.sys
13:11:31.0657 0x2c24  Npfs - ok
13:11:31.0657 0x2c24  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
13:11:31.0673 0x2c24  npsvctrig - ok
13:11:31.0673 0x2c24  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\windows\system32\nsisvc.dll
13:11:31.0689 0x2c24  nsi - ok
13:11:31.0689 0x2c24  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
13:11:31.0689 0x2c24  nsiproxy - ok
13:11:31.0735 0x2c24  [ 8DB6A6B731CEC9046CD8CA0267EC5679, 1C9D826D41B6C069E557B9CBF8762AB02F3C3D817AFD4F9284CD73505477E87C ] NTFS            C:\windows\system32\drivers\NTFS.sys
13:11:31.0798 0x2c24  NTFS - ok
13:11:31.0798 0x2c24  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\windows\system32\drivers\Null.sys
13:11:31.0814 0x2c24  Null - ok
13:11:31.0814 0x2c24  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\windows\system32\drivers\nvraid.sys
13:11:31.0814 0x2c24  nvraid - ok
13:11:31.0829 0x2c24  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\windows\system32\drivers\nvstor.sys
13:11:31.0845 0x2c24  nvstor - ok
13:11:31.0845 0x2c24  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\windows\System32\APHostService.dll
13:11:31.0861 0x2c24  OneSyncSvc - ok
13:11:31.0986 0x2c24  [ D75A76EB38AD90E9AB34CAB1E50CE39E, 63345F673DD7CB590910C40C77D082EE47BF377F146E0C6D948E3CCD17512673 ] Origin Client Service D:\Origin\OriginClientService.exe
13:11:32.0017 0x2c24  Origin Client Service - ok
13:11:32.0095 0x2c24  [ 8901179D73E77060AD4EED7CB8924E10, 6ED27384A70499E3DF29ED43047E1D60E78F71D1A6820C5487C4621B42B0FFD5 ] Origin Web Helper Service D:\Origin\OriginWebHelperService.exe
13:11:32.0142 0x2c24  Origin Web Helper Service - ok
13:11:32.0157 0x2c24  [ CBC25009133730EB00BFAD4E37A6D387, AC93BEBD1E13336F9A6A4AB699A34127A31EC949A9EC5930B21BA80A3A6AF916 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:11:32.0157 0x2c24  ose - ok
13:11:32.0173 0x2c24  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
13:11:32.0189 0x2c24  p2pimsvc - ok
13:11:32.0204 0x2c24  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\windows\system32\p2psvc.dll
13:11:32.0220 0x2c24  p2psvc - ok
13:11:32.0220 0x2c24  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\windows\System32\drivers\parport.sys
13:11:32.0236 0x2c24  Parport - ok
13:11:32.0236 0x2c24  [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr         C:\windows\system32\drivers\partmgr.sys
13:11:32.0251 0x2c24  partmgr - ok
13:11:32.0267 0x2c24  [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc          C:\windows\System32\pcasvc.dll
13:11:32.0282 0x2c24  PcaSvc - ok
13:11:32.0298 0x2c24  [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci             C:\windows\system32\drivers\pci.sys
13:11:32.0314 0x2c24  pci - ok
13:11:32.0314 0x2c24  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\windows\system32\drivers\pciide.sys
13:11:32.0314 0x2c24  pciide - ok
13:11:32.0329 0x2c24  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
13:11:32.0329 0x2c24  pcmcia - ok
13:11:32.0329 0x2c24  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\windows\system32\drivers\pcw.sys
13:11:32.0345 0x2c24  pcw - ok
13:11:32.0345 0x2c24  [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc             C:\windows\system32\drivers\pdc.sys
13:11:32.0361 0x2c24  pdc - ok
13:11:32.0376 0x2c24  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\windows\system32\drivers\peauth.sys
13:11:32.0407 0x2c24  PEAUTH - ok
13:11:32.0407 0x2c24  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\windows\system32\drivers\percsas2i.sys
13:11:32.0423 0x2c24  percsas2i - ok
13:11:32.0423 0x2c24  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\windows\system32\drivers\percsas3i.sys
13:11:32.0423 0x2c24  percsas3i - ok
13:11:32.0454 0x2c24  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\windows\SysWow64\perfhost.exe
13:11:32.0470 0x2c24  PerfHost - ok
13:11:32.0486 0x2c24  [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc        C:\windows\System32\PhoneService.dll
13:11:32.0517 0x2c24  PhoneSvc - ok
13:11:32.0517 0x2c24  [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc C:\windows\System32\PimIndexMaintenance.dll
13:11:32.0532 0x2c24  PimIndexMaintenanceSvc - ok
13:11:32.0564 0x2c24  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\windows\system32\pla.dll
13:11:32.0611 0x2c24  pla - ok
13:11:32.0611 0x2c24  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\windows\system32\umpnpmgr.dll
13:11:32.0626 0x2c24  PlugPlay - ok
13:11:32.0642 0x2c24  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
13:11:32.0642 0x2c24  PNRPAutoReg - ok
13:11:32.0657 0x2c24  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
13:11:32.0673 0x2c24  PNRPsvc - ok
13:11:32.0689 0x2c24  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
13:11:32.0704 0x2c24  PolicyAgent - ok
13:11:32.0704 0x2c24  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\windows\system32\umpo.dll
13:11:32.0720 0x2c24  Power - ok
13:11:32.0720 0x2c24  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\windows\System32\drivers\raspptp.sys
13:11:32.0736 0x2c24  PptpMiniport - ok
13:11:32.0798 0x2c24  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:11:32.0892 0x2c24  PrintNotify - ok
13:11:32.0907 0x2c24  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\windows\System32\drivers\processr.sys
13:11:32.0907 0x2c24  Processor - ok
13:11:32.0923 0x2c24  [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc         C:\windows\system32\profsvc.dll
13:11:32.0939 0x2c24  ProfSvc - ok
13:11:32.0954 0x2c24  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\windows\system32\drivers\pacer.sys
13:11:32.0954 0x2c24  Psched - ok
13:11:32.0970 0x2c24  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\windows\system32\qwave.dll
13:11:32.0986 0x2c24  QWAVE - ok
13:11:32.0986 0x2c24  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
13:11:33.0001 0x2c24  QWAVEdrv - ok
13:11:33.0001 0x2c24  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
13:11:33.0017 0x2c24  RasAcd - ok
13:11:33.0017 0x2c24  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\windows\System32\drivers\AgileVpn.sys
13:11:33.0017 0x2c24  RasAgileVpn - ok
13:11:33.0032 0x2c24  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\windows\System32\rasauto.dll
13:11:33.0048 0x2c24  RasAuto - ok
13:11:33.0048 0x2c24  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\windows\System32\drivers\rasl2tp.sys
13:11:33.0064 0x2c24  Rasl2tp - ok
13:11:33.0079 0x2c24  [ 28C80449AC9CA09A6DBADF4940C125A7, A827E3A2D7DF67073CCE63C63168B2F4067C7D36E89BB99D4C6F17E46BECEB56 ] RasMan          C:\windows\System32\rasmans.dll
13:11:33.0111 0x2c24  RasMan - ok
13:11:33.0111 0x2c24  [ 726857E441D1D67F57694A1B613ABD34, 564027EF2E80F99595282FF76B6D339045B7E9AFE72D8DDF2D6EB0D98C329834 ] RasPppoe        C:\windows\System32\drivers\raspppoe.sys
13:11:33.0126 0x2c24  RasPppoe - ok
13:11:33.0126 0x2c24  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\windows\System32\drivers\rassstp.sys
13:11:33.0142 0x2c24  RasSstp - ok
13:11:33.0142 0x2c24  [ 1A49C9F966A04D031DAD4C73C49D5288, 05C8690948EAA2A55A208D8D34118C27FD5C7D7AEEF4FAD1346E40BBE586946D ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
13:11:33.0157 0x2c24  rdbss - ok
13:11:33.0173 0x2c24  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
13:11:33.0173 0x2c24  rdpbus - ok
13:11:33.0189 0x2c24  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
13:11:33.0189 0x2c24  RDPDR - ok
13:11:33.0204 0x2c24  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
13:11:33.0204 0x2c24  RdpVideoMiniport - ok
13:11:33.0220 0x2c24  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
13:11:33.0220 0x2c24  rdyboost - ok
13:11:33.0251 0x2c24  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\windows\system32\drivers\ReFSv1.sys
13:11:33.0267 0x2c24  ReFSv1 - ok
13:11:33.0283 0x2c24  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\windows\System32\mprdim.dll
13:11:33.0298 0x2c24  RemoteAccess - ok
13:11:33.0314 0x2c24  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\windows\system32\regsvc.dll
13:11:33.0329 0x2c24  RemoteRegistry - ok
13:11:33.0345 0x2c24  [ 6FF3A30B1220D939D6120646BD5801F3, A526A24912FC5401E96796E41A4945D549486464067179201BCB25BF53049862 ] RetailDemo      C:\windows\system32\RDXService.dll
13:11:33.0376 0x2c24  RetailDemo - ok
13:11:33.0376 0x2c24  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
13:11:33.0392 0x2c24  RFCOMM - ok
13:11:33.0408 0x2c24  [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
13:11:33.0423 0x2c24  RichVideo64 - ok
13:11:33.0423 0x2c24  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\windows\System32\RMapi.dll
13:11:33.0439 0x2c24  RmSvc - ok
13:11:33.0454 0x2c24  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
13:11:33.0454 0x2c24  RpcEptMapper - ok
13:11:33.0470 0x2c24  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\windows\system32\locator.exe
13:11:33.0470 0x2c24  RpcLocator - ok
13:11:33.0486 0x2c24  [ 4A7015195E49A3BA7DB967B277B21E9D, 2EE10950BC0E2B13303491725FB3F0D3AF63518B7D1593BCC4BF503F4A11F408 ] RpcSs           C:\windows\system32\rpcss.dll
13:11:33.0517 0x2c24  RpcSs - ok
13:11:33.0533 0x2c24  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\windows\system32\drivers\rspndr.sys
13:11:33.0533 0x2c24  rspndr - ok
13:11:33.0564 0x2c24  [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64        C:\windows\System32\drivers\rt640x64.sys
13:11:33.0579 0x2c24  rt640x64 - ok
13:11:33.0579 0x2c24  [ BCDFDA41FBE5D0AF1E97BFAE3E1364AD, E2D9F57A6720DABF95613F5B3ECD31D03B93D2F8AB26568ADB91A744B933BB32 ] RtkAvrcp        C:\windows\System32\drivers\RtkAvrcp.sys
13:11:33.0595 0x2c24  RtkAvrcp - ok
13:11:33.0595 0x2c24  [ 5714B93326B428F08798168D46576B6C, C39ACAC9F3AF47EBA2A593E59BDCB090E8C4AFA8FBDA46CC66506AAE05CD7F39 ] RtkAvrcpCtrlr   C:\windows\System32\drivers\RtkAvrcpCtrlr.sys
13:11:33.0611 0x2c24  RtkAvrcpCtrlr - ok
13:11:33.0626 0x2c24  [ 918E13C7A4A5C9FE9465B697FE7267A8, A17D085EF06082C88F7176C7E208EDAFC32BBDA570BC03B35C56051823AA934D ] RtkBtFilter     C:\windows\system32\DRIVERS\RtkBtfilter.sys
13:11:33.0642 0x2c24  RtkBtFilter - ok
13:11:33.0720 0x2c24  [ 8027D3ED5E3FBCBA680C94C7F7B5F1B2, 50D668BF416F9077F1DC1210F2662C7B5F998CD043B7C4C04C88785D799FA3B1 ] RtlWlanu        C:\windows\System32\drivers\rtwlanu.sys
13:11:33.0861 0x2c24  RtlWlanu - ok
13:11:33.0861 0x2c24  [ C967FF9CE59D51C6D4F6E126C7FB0EEE, 3693A1FDA30A9C1314FA976AC149725BB314E7C6DEFD81FDF42D050E5B3D033C ] RunSwUSB        C:\Windows\runSW.exe
13:11:33.0876 0x2c24  RunSwUSB - ok
13:11:33.0876 0x2c24  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\windows\System32\drivers\vms3cap.sys
13:11:33.0892 0x2c24  s3cap - ok
13:11:33.0892 0x2c24  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\windows\system32\lsass.exe
13:11:33.0892 0x2c24  SamSs - ok
13:11:33.0908 0x2c24  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
13:11:33.0908 0x2c24  sbp2port - ok
13:11:33.0923 0x2c24  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\windows\System32\SCardSvr.dll
13:11:33.0939 0x2c24  SCardSvr - ok
13:11:33.0939 0x2c24  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\windows\System32\ScDeviceEnum.dll
13:11:33.0954 0x2c24  ScDeviceEnum - ok
13:11:33.0970 0x2c24  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
13:11:33.0970 0x2c24  scfilter - ok
13:11:33.0986 0x2c24  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\windows\system32\schedsvc.dll
13:11:34.0033 0x2c24  Schedule - ok
13:11:34.0033 0x2c24  [ B8B1D49283F33E3FFFDB611E51BCA7E5, C467A60150ED3E59D42CA45E8D0410613CC78D1B99DE011CF1C5D82FC799C27B ] scmbus          C:\windows\system32\drivers\scmbus.sys
13:11:34.0048 0x2c24  scmbus - ok
13:11:34.0048 0x2c24  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\windows\System32\drivers\scmdisk0101.sys
13:11:34.0064 0x2c24  scmdisk0101 - ok
13:11:34.0064 0x2c24  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\windows\System32\certprop.dll
13:11:34.0079 0x2c24  SCPolicySvc - ok
13:11:34.0095 0x2c24  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\windows\System32\drivers\sdbus.sys
13:11:34.0095 0x2c24  sdbus - ok
13:11:34.0111 0x2c24  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\windows\System32\SDRSVC.dll
13:11:34.0126 0x2c24  SDRSVC - ok
13:11:34.0126 0x2c24  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\windows\System32\drivers\sdstor.sys
13:11:34.0142 0x2c24  sdstor - ok
13:11:34.0142 0x2c24  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\windows\system32\seclogon.dll
13:11:34.0142 0x2c24  seclogon - ok
13:11:34.0158 0x2c24  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\windows\System32\sens.dll
13:11:34.0158 0x2c24  SENS - ok
13:11:34.0189 0x2c24  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\windows\System32\SensorDataService.exe
13:11:34.0236 0x2c24  SensorDataService - ok
13:11:34.0251 0x2c24  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\windows\system32\SensorService.dll
13:11:34.0267 0x2c24  SensorService - ok
13:11:34.0267 0x2c24  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\windows\system32\sensrsvc.dll
13:11:34.0283 0x2c24  SensrSvc - ok
13:11:34.0298 0x2c24  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\windows\system32\drivers\SerCx.sys
13:11:34.0298 0x2c24  SerCx - ok
13:11:34.0298 0x2c24  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\windows\system32\drivers\SerCx2.sys
13:11:34.0314 0x2c24  SerCx2 - ok
13:11:34.0314 0x2c24  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\windows\System32\drivers\serenum.sys
13:11:34.0330 0x2c24  Serenum - ok
13:11:34.0330 0x2c24  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\windows\System32\drivers\serial.sys
13:11:34.0345 0x2c24  Serial - ok
13:11:34.0345 0x2c24  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\windows\System32\drivers\sermouse.sys
13:11:34.0361 0x2c24  sermouse - ok
13:11:34.0361 0x2c24  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\windows\system32\sessenv.dll
13:11:34.0392 0x2c24  SessionEnv - ok
13:11:34.0392 0x2c24  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
13:11:34.0392 0x2c24  sfloppy - ok
13:11:34.0408 0x2c24  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\windows\System32\ipnathlp.dll
13:11:34.0439 0x2c24  SharedAccess - ok
13:11:34.0455 0x2c24  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:11:34.0486 0x2c24  ShellHWDetection - ok
13:11:34.0486 0x2c24  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\windows\system32\Windows.SharedPC.AccountManager.dll

Rakdos · 27.05.2017, 12:24

Code:

ATTFilter

13:11:34.0501 0x2c24  shpamsvc - ok
13:11:34.0501 0x2c24  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
13:11:34.0517 0x2c24  SiSRaid2 - ok
13:11:34.0517 0x2c24  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
13:11:34.0533 0x2c24  SiSRaid4 - ok
13:11:34.0533 0x2c24  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\windows\System32\smphost.dll
13:11:34.0548 0x2c24  smphost - ok
13:11:34.0548 0x2c24  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\windows\system32\SmsRouterSvc.dll
13:11:34.0580 0x2c24  SmsRouter - ok
13:11:34.0580 0x2c24  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
13:11:34.0595 0x2c24  SNMPTRAP - ok
13:11:34.0611 0x2c24  [ A265FF86BF4C03F47EC277881138675D, 52671A64D22EAA790CAE47D6710289ADB5DBF9BC98CD7CCCF64CA43B2F2A641A ] spaceport       C:\windows\system32\drivers\spaceport.sys
13:11:34.0626 0x2c24  spaceport - ok
13:11:34.0642 0x2c24  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
13:11:34.0642 0x2c24  SpbCx - ok
13:11:34.0658 0x2c24  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\windows\System32\spoolsv.exe
13:11:34.0689 0x2c24  Spooler - ok
13:11:34.0783 0x2c24  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\windows\system32\sppsvc.exe
13:11:34.0892 0x2c24  sppsvc - ok
13:11:34.0908 0x2c24  [ 2E0F160AFE1EB7E8C21D6FE782FFFE0B, 0CA845468E42F0448FD7BECFA4E75E8548E20CAAA0DE0C37FFFACF7EB16CE0DE ] srv             C:\windows\system32\DRIVERS\srv.sys
13:11:34.0923 0x2c24  srv - ok
13:11:34.0939 0x2c24  [ A0BDA7332A9EE59062A7037D161C8715, C08818E52B64BDB194A2434C3F479360C960A99AD08F81CF51D64B7D92EBE0CB ] srv2            C:\windows\system32\DRIVERS\srv2.sys
13:11:34.0970 0x2c24  srv2 - ok
13:11:34.0986 0x2c24  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
13:11:35.0001 0x2c24  srvnet - ok
13:11:35.0001 0x2c24  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
13:11:35.0017 0x2c24  SSDPSRV - ok
13:11:35.0033 0x2c24  [ BE9AD856DC28955E5933553421F99DFD, F60B5429B50CFAA6D336D8384BCD16FF262ADBCD997A5CB9CD9BCC06B67C96F8 ] SshBroker       C:\windows\System32\SshBroker.dll
13:11:35.0048 0x2c24  SshBroker - ok
13:11:35.0064 0x2c24  [ 284FB23A402836877FBCD735E0C07A7E, EA47FD98220DFA80B78D4E747602FD6D39DCAD54030EB8E478DA4EA6C9B1DC68 ] SshProxy        C:\windows\System32\SshProxy.dll
13:11:35.0080 0x2c24  SshProxy - ok
13:11:35.0080 0x2c24  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\windows\system32\sstpsvc.dll
13:11:35.0095 0x2c24  SstpSvc - ok
13:11:35.0095 0x2c24  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
13:11:35.0111 0x2c24  ssudmdm - ok
13:11:35.0126 0x2c24  [ 46826B02C346D48A62FF11882AF662BB, DE8FAD3E99D0E90CE8ABA15D604CF1E80F16C9E4B92F1A41A63D56CF7D96A414 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
13:11:35.0142 0x2c24  ss_conn_service - ok
13:11:35.0205 0x2c24  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\windows\system32\windows.staterepository.dll
13:11:35.0314 0x2c24  StateRepository - ok
13:11:35.0345 0x2c24  [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:11:35.0377 0x2c24  Steam Client Service - ok
13:11:35.0392 0x2c24  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\windows\system32\drivers\stexstor.sys
13:11:35.0392 0x2c24  stexstor - ok
13:11:35.0408 0x2c24  [ 505F32DE573ECEDF398DB9E2FC0D5E45, 0F257200BD79C7A62C39279B1C0AF9032028B23561DB71DA9903366A0DF88E5C ] stisvc          C:\windows\System32\wiaservc.dll
13:11:35.0439 0x2c24  stisvc - ok
13:11:35.0439 0x2c24  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\windows\system32\drivers\storahci.sys
13:11:35.0455 0x2c24  storahci - ok
13:11:35.0455 0x2c24  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\windows\system32\drivers\vmstorfl.sys
13:11:35.0455 0x2c24  storflt - ok
13:11:35.0470 0x2c24  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\windows\system32\drivers\stornvme.sys
13:11:35.0470 0x2c24  stornvme - ok
13:11:35.0470 0x2c24  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\windows\system32\drivers\storqosflt.sys
13:11:35.0486 0x2c24  storqosflt - ok
13:11:35.0502 0x2c24  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\windows\system32\storsvc.dll
13:11:35.0517 0x2c24  StorSvc - ok
13:11:35.0517 0x2c24  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\windows\system32\drivers\storufs.sys
13:11:35.0533 0x2c24  storufs - ok
13:11:35.0533 0x2c24  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\windows\system32\drivers\storvsc.sys
13:11:35.0533 0x2c24  storvsc - ok
13:11:35.0548 0x2c24  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\windows\system32\svsvc.dll
13:11:35.0548 0x2c24  svsvc - ok
13:11:35.0564 0x2c24  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\windows\System32\drivers\swenum.sys
13:11:35.0564 0x2c24  swenum - ok
13:11:35.0580 0x2c24  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\windows\System32\swprv.dll
13:11:35.0595 0x2c24  swprv - ok
13:11:35.0595 0x2c24  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\windows\System32\drivers\Synth3dVsc.sys
13:11:35.0611 0x2c24  Synth3dVsc - ok
13:11:35.0627 0x2c24  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\windows\system32\sysmain.dll
13:11:35.0673 0x2c24  SysMain - ok
13:11:35.0673 0x2c24  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
13:11:35.0705 0x2c24  SystemEventsBroker - ok
13:11:35.0705 0x2c24  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\windows\System32\TabSvc.dll
13:11:35.0720 0x2c24  TabletInputService - ok
13:11:35.0736 0x2c24  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\windows\System32\tapisrv.dll
13:11:35.0752 0x2c24  TapiSrv - ok
13:11:35.0798 0x2c24  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\windows\system32\drivers\tcpip.sys
13:11:35.0845 0x2c24  Tcpip - ok
13:11:35.0892 0x2c24  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\windows\system32\drivers\tcpip.sys
13:11:35.0955 0x2c24  Tcpip6 - ok
13:11:35.0970 0x2c24  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
13:11:35.0970 0x2c24  tcpipreg - ok
13:11:35.0986 0x2c24  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\windows\system32\DRIVERS\tdx.sys
13:11:35.0986 0x2c24  tdx - ok
13:11:36.0002 0x2c24  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\windows\System32\drivers\terminpt.sys
13:11:36.0002 0x2c24  terminpt - ok
13:11:36.0017 0x2c24  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\windows\System32\termsrv.dll
13:11:36.0048 0x2c24  TermService - ok
13:11:36.0064 0x2c24  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\windows\system32\themeservice.dll
13:11:36.0080 0x2c24  Themes - ok
13:11:36.0080 0x2c24  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\windows\system32\TieringEngineService.exe
13:11:36.0111 0x2c24  TieringEngineService - ok
13:11:36.0127 0x2c24  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\windows\system32\tileobjserver.dll
13:11:36.0142 0x2c24  tiledatamodelsvc - ok
13:11:36.0158 0x2c24  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\windows\System32\TimeBrokerServer.dll
13:11:36.0173 0x2c24  TimeBrokerSvc - ok
13:11:36.0173 0x2c24  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\windows\System32\drivers\tpm.sys
13:11:36.0189 0x2c24  TPM - ok
13:11:36.0189 0x2c24  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\windows\System32\trkwks.dll
13:11:36.0205 0x2c24  TrkWks - ok
13:11:36.0205 0x2c24  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:11:36.0220 0x2c24  TrustedInstaller - ok
13:11:36.0220 0x2c24  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\windows\system32\drivers\TsUsbFlt.sys
13:11:36.0236 0x2c24  tsusbflt - ok
13:11:36.0236 0x2c24  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
13:11:36.0252 0x2c24  TsUsbGD - ok
13:11:36.0252 0x2c24  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\windows\System32\drivers\tunnel.sys
13:11:36.0267 0x2c24  tunnel - ok
13:11:36.0267 0x2c24  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\windows\system32\tzautoupdate.dll
13:11:36.0283 0x2c24  tzautoupdate - ok
13:11:36.0283 0x2c24  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
13:11:36.0298 0x2c24  UASPStor - ok
13:11:36.0298 0x2c24  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\windows\system32\Drivers\UcmCx.sys
13:11:36.0314 0x2c24  UcmCx0101 - ok
13:11:36.0314 0x2c24  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\windows\system32\Drivers\UcmTcpciCx.sys
13:11:36.0330 0x2c24  UcmTcpciCx0101 - ok
13:11:36.0330 0x2c24  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\windows\System32\drivers\UcmUcsi.sys
13:11:36.0345 0x2c24  UcmUcsi - ok
13:11:36.0345 0x2c24  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\windows\system32\drivers\ucx01000.sys
13:11:36.0361 0x2c24  Ucx01000 - ok
13:11:36.0361 0x2c24  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\windows\system32\drivers\udecx.sys
13:11:36.0377 0x2c24  UdeCx - ok
13:11:36.0377 0x2c24  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
13:11:36.0392 0x2c24  udfs - ok
13:11:36.0392 0x2c24  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\windows\System32\drivers\UEFI.sys
13:11:36.0408 0x2c24  UEFI - ok
13:11:36.0408 0x2c24  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\windows\system32\drivers\ufx01000.sys
13:11:36.0423 0x2c24  Ufx01000 - ok
13:11:36.0439 0x2c24  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\windows\System32\drivers\UfxChipidea.sys
13:11:36.0439 0x2c24  UfxChipidea - ok
13:11:36.0439 0x2c24  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\windows\System32\drivers\ufxsynopsys.sys
13:11:36.0455 0x2c24  ufxsynopsys - ok
13:11:36.0470 0x2c24  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\windows\system32\UI0Detect.exe
13:11:36.0486 0x2c24  UI0Detect - ok
13:11:36.0486 0x2c24  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\windows\System32\drivers\umbus.sys
13:11:36.0502 0x2c24  umbus - ok
13:11:36.0502 0x2c24  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\windows\System32\drivers\umpass.sys
13:11:36.0517 0x2c24  UmPass - ok
13:11:36.0517 0x2c24  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\windows\System32\umrdp.dll
13:11:36.0533 0x2c24  UmRdpService - ok
13:11:36.0564 0x2c24  [ 6C8E89E9CA8A4E703631E54A5E015AF8, 3C74B9329558ACC4F701099516923DE82CBEDABD8814987221BDF71B53550586 ] UnistoreSvc     C:\windows\System32\unistore.dll
13:11:36.0595 0x2c24  UnistoreSvc - ok
13:11:36.0611 0x2c24  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\windows\System32\upnphost.dll
13:11:36.0627 0x2c24  upnphost - ok
13:11:36.0642 0x2c24  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\windows\System32\drivers\urschipidea.sys
13:11:36.0642 0x2c24  UrsChipidea - ok
13:11:36.0642 0x2c24  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\windows\system32\drivers\urscx01000.sys
13:11:36.0658 0x2c24  UrsCx01000 - ok
13:11:36.0658 0x2c24  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\windows\System32\drivers\urssynopsys.sys
13:11:36.0674 0x2c24  UrsSynopsys - ok
13:11:36.0674 0x2c24  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
13:11:36.0689 0x2c24  usbccgp - ok
13:11:36.0689 0x2c24  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\windows\System32\drivers\usbcir.sys
13:11:36.0689 0x2c24  usbcir - ok
13:11:36.0705 0x2c24  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\windows\System32\drivers\usbehci.sys
13:11:36.0705 0x2c24  usbehci - ok
13:11:36.0720 0x2c24  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\windows\System32\drivers\usbhub.sys
13:11:36.0736 0x2c24  usbhub - ok
13:11:36.0752 0x2c24  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
13:11:36.0767 0x2c24  USBHUB3 - ok
13:11:36.0767 0x2c24  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\windows\System32\drivers\usbohci.sys
13:11:36.0783 0x2c24  usbohci - ok
13:11:36.0783 0x2c24  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\windows\System32\drivers\usbprint.sys
13:11:36.0783 0x2c24  usbprint - ok
13:11:36.0799 0x2c24  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\windows\System32\drivers\usbser.sys
13:11:36.0799 0x2c24  usbser - ok
13:11:36.0814 0x2c24  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
13:11:36.0814 0x2c24  USBSTOR - ok
13:11:36.0814 0x2c24  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
13:11:36.0830 0x2c24  usbuhci - ok
13:11:36.0845 0x2c24  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
13:11:36.0861 0x2c24  USBXHCI - ok
13:11:36.0877 0x2c24  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\windows\System32\userdataservice.dll
13:11:36.0924 0x2c24  UserDataSvc - ok
13:11:36.0955 0x2c24  [ A1BDC8AF9F66A71744B5DC99CCEF4058, 098EDA0D186098A8D61DEF20B76F05B978FC3A08A068243FC4823423B430E95B ] UserManager     C:\windows\System32\usermgr.dll
13:11:36.0986 0x2c24  UserManager - ok
13:11:37.0002 0x2c24  [ F1374B17FE4A4617DFB6D20A0E699763, C3A515594B1593C9F141C342CA1CDB4FE7A3243D8F1785655A3378DB1FE8ED65 ] UsoSvc          C:\windows\system32\usocore.dll
13:11:37.0017 0x2c24  UsoSvc - ok
13:11:37.0033 0x2c24  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\windows\system32\lsass.exe
13:11:37.0033 0x2c24  VaultSvc - ok
13:11:37.0049 0x2c24  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
13:11:37.0049 0x2c24  vdrvroot - ok
13:11:37.0064 0x2c24  [ 70D165B3EA8BC576828DC2B964C8D116, 92C9381BDECB5C991F848A02AF2F4189CE0119961FB37E57A37594A80704DDC5 ] vds             C:\windows\System32\vds.exe
13:11:37.0095 0x2c24  vds - ok
13:11:37.0095 0x2c24  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
13:11:37.0111 0x2c24  VerifierExt - ok
13:11:37.0127 0x2c24  [ F7F3E80E84E51A6F89831A6F26056A98, CB7587900C466D834693115E1E23D0A44490C128CA1684FB93CB8C34AFCEBC71 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
13:11:37.0142 0x2c24  vhdmp - ok
13:11:37.0142 0x2c24  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\windows\System32\drivers\vhf.sys
13:11:37.0158 0x2c24  vhf - ok
13:11:37.0158 0x2c24  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\windows\system32\drivers\vmbus.sys
13:11:37.0174 0x2c24  vmbus - ok
13:11:37.0174 0x2c24  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
13:11:37.0174 0x2c24  VMBusHID - ok
13:11:37.0189 0x2c24  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\windows\System32\drivers\vmgid.sys
13:11:37.0189 0x2c24  vmgid - ok
13:11:37.0205 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\windows\System32\icsvc.dll
13:11:37.0220 0x2c24  vmicguestinterface - ok
13:11:37.0220 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\windows\System32\icsvc.dll
13:11:37.0236 0x2c24  vmicheartbeat - ok
13:11:37.0236 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\windows\System32\icsvc.dll
13:11:37.0252 0x2c24  vmickvpexchange - ok
13:11:37.0267 0x2c24  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\windows\System32\icsvcext.dll
13:11:37.0283 0x2c24  vmicrdv - ok
13:11:37.0299 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\windows\System32\icsvc.dll
13:11:37.0314 0x2c24  vmicshutdown - ok
13:11:37.0314 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\windows\System32\icsvc.dll
13:11:37.0330 0x2c24  vmictimesync - ok
13:11:37.0330 0x2c24  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\windows\System32\icsvc.dll
13:11:37.0345 0x2c24  vmicvmsession - ok
13:11:37.0361 0x2c24  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\windows\System32\icsvcext.dll
13:11:37.0377 0x2c24  vmicvss - ok
13:11:37.0377 0x2c24  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\windows\system32\drivers\volmgr.sys
13:11:37.0392 0x2c24  volmgr - ok
13:11:37.0392 0x2c24  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
13:11:37.0408 0x2c24  volmgrx - ok
13:11:37.0424 0x2c24  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\windows\system32\drivers\volsnap.sys
13:11:37.0439 0x2c24  volsnap - ok
13:11:37.0439 0x2c24  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\windows\system32\drivers\volume.sys
13:11:37.0455 0x2c24  volume - ok
13:11:37.0455 0x2c24  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\windows\System32\drivers\vpci.sys
13:11:37.0470 0x2c24  vpci - ok
13:11:37.0470 0x2c24  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
13:11:37.0486 0x2c24  vsmraid - ok
13:11:37.0502 0x2c24  [ DDA66AEF89DAC320A85AECCB4369D2E7, 0F267FC985E0CA3624FC5F4DDA25623649BAD544772179261576F793A0485523 ] VSS             C:\windows\system32\vssvc.exe
13:11:37.0549 0x2c24  VSS - ok
13:11:37.0564 0x2c24  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
13:11:37.0580 0x2c24  VSTXRAID - ok
13:11:37.0580 0x2c24  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
13:11:37.0595 0x2c24  vwifibus - ok
13:11:37.0595 0x2c24  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\windows\system32\drivers\vwififlt.sys
13:11:37.0595 0x2c24  vwififlt - ok
13:11:37.0611 0x2c24  [ B1133B813E4CBF258A392CA08255BA24, 6061F27BD24F39A630ABE77921051785CB4B325156379A5E3636817DD6399C6F ] vwifimp         C:\windows\System32\drivers\vwifimp.sys
13:11:37.0611 0x2c24  vwifimp - ok
13:11:37.0627 0x2c24  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\windows\system32\w32time.dll
13:11:37.0642 0x2c24  W32Time - ok
13:11:37.0658 0x2c24  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
13:11:37.0658 0x2c24  WacomPen - ok
13:11:37.0674 0x2c24  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\windows\system32\WalletService.dll
13:11:37.0689 0x2c24  WalletService - ok
13:11:37.0705 0x2c24  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\windows\system32\DRIVERS\wanarp.sys
13:11:37.0721 0x2c24  wanarp - ok
13:11:37.0721 0x2c24  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
13:11:37.0736 0x2c24  wanarpv6 - ok
13:11:37.0767 0x2c24  [ 8413D292CD1B27D6B6127B90697F2B1C, E03F9AAC410F5AEDCC30FDB4D8F4739AE7B290EFA735C480A29E9FE53C1D8420 ] wbengine        C:\windows\system32\wbengine.exe
13:11:37.0799 0x2c24  wbengine - ok
13:11:37.0830 0x2c24  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
13:11:37.0861 0x2c24  WbioSrvc - ok
13:11:37.0861 0x2c24  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\windows\system32\drivers\wcifs.sys
13:11:37.0877 0x2c24  wcifs - ok
13:11:37.0892 0x2c24  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
13:11:37.0924 0x2c24  Wcmsvc - ok
13:11:37.0924 0x2c24  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\windows\System32\wcncsvc.dll
13:11:37.0955 0x2c24  wcncsvc - ok
13:11:37.0955 0x2c24  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\windows\system32\drivers\wcnfs.sys
13:11:37.0970 0x2c24  wcnfs - ok
13:11:37.0970 0x2c24  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
13:11:37.0986 0x2c24  WdBoot - ok
13:11:38.0002 0x2c24  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
13:11:38.0033 0x2c24  Wdf01000 - ok
13:11:38.0033 0x2c24  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
13:11:38.0049 0x2c24  WdFilter - ok
13:11:38.0049 0x2c24  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\windows\system32\wdi.dll
13:11:38.0064 0x2c24  WdiServiceHost - ok
13:11:38.0080 0x2c24  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\windows\system32\wdi.dll
13:11:38.0096 0x2c24  WdiSystemHost - ok
13:11:38.0111 0x2c24  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\windows\system32\DRIVERS\wdiwifi.sys
13:11:38.0142 0x2c24  wdiwifi - ok
13:11:38.0142 0x2c24  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\windows\system32\Drivers\WdNisDrv.sys
13:11:38.0158 0x2c24  WdNisDrv - ok
13:11:38.0158 0x2c24  WdNisSvc - ok
13:11:38.0158 0x2c24  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\windows\System32\webclnt.dll
13:11:38.0189 0x2c24  WebClient - ok
13:11:38.0205 0x2c24  [ 2D1C892A586B9EF5B9DB2E26D744AB0E, B61173946A3784A503940FD8F231CFEA4D47ADE3E28E6F2853D5A5473EB775F8 ] WebManagement   C:\windows\system32\WebManagement.exe
13:11:38.0236 0x2c24  WebManagement - ok
13:11:38.0252 0x2c24  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\windows\system32\wecsvc.dll
13:11:38.0283 0x2c24  Wecsvc - ok
13:11:38.0283 0x2c24  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\windows\system32\wephostsvc.dll
13:11:38.0299 0x2c24  WEPHOSTSVC - ok
13:11:38.0299 0x2c24  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\windows\System32\wercplsupport.dll
13:11:38.0314 0x2c24  wercplsupport - ok
13:11:38.0314 0x2c24  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\windows\System32\WerSvc.dll
13:11:38.0330 0x2c24  WerSvc - ok
13:11:38.0346 0x2c24  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\windows\system32\drivers\wfplwfs.sys
13:11:38.0346 0x2c24  WFPLWFS - ok
13:11:38.0346 0x2c24  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\windows\System32\wiarpc.dll
13:11:38.0361 0x2c24  WiaRpc - ok
13:11:38.0361 0x2c24  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
13:11:38.0377 0x2c24  WIMMount - ok
13:11:38.0377 0x2c24  WinDefend - ok
13:11:38.0392 0x2c24  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\windows\system32\drivers\WindowsTrustedRT.sys
13:11:38.0392 0x2c24  WindowsTrustedRT - ok
13:11:38.0392 0x2c24  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\windows\system32\drivers\WindowsTrustedRTProxy.sys
13:11:38.0408 0x2c24  WindowsTrustedRTProxy - ok
13:11:38.0424 0x2c24  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
13:11:38.0455 0x2c24  WinHttpAutoProxySvc - ok
13:11:38.0455 0x2c24  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\windows\System32\drivers\winmad.sys
13:11:38.0471 0x2c24  WinMad - ok
13:11:38.0471 0x2c24  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
13:11:38.0486 0x2c24  Winmgmt - ok
13:11:38.0533 0x2c24  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\windows\system32\WsmSvc.dll
13:11:38.0611 0x2c24  WinRM - ok
13:11:38.0611 0x2c24  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\windows\System32\drivers\WinUSB.SYS
13:11:38.0627 0x2c24  WINUSB - ok
13:11:38.0627 0x2c24  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\windows\System32\drivers\winverbs.sys
13:11:38.0642 0x2c24  WinVerbs - ok
13:11:38.0658 0x2c24  [ 15F0990B7C101163FE27D9B19FEB3D43, 5020EF7755E0ACDA77E816C44A5B75286CC1BEA182BECF9D7252EB826A4F1FFE ] wisvc           C:\windows\system32\flightsettings.dll
13:11:38.0689 0x2c24  wisvc - ok
13:11:38.0721 0x2c24  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\windows\System32\wlansvc.dll
13:11:38.0799 0x2c24  WlanSvc - ok
13:11:38.0861 0x2c24  [ EF39F106D7E0A8918E98E4CDAE25F2E2, B6EDF2646C1E3A1684C40DFC475694DF540C2B1B8E4247AE343E1DF34B1CE4F7 ] wlidsvc         C:\windows\system32\wlidsvc.dll
13:11:38.0908 0x2c24  wlidsvc - ok
13:11:38.0924 0x2c24  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
13:11:38.0939 0x2c24  WmiAcpi - ok
13:11:38.0939 0x2c24  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
13:11:38.0955 0x2c24  wmiApSrv - ok
13:11:38.0955 0x2c24  WMPNetworkSvc - ok
13:11:38.0971 0x2c24  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\windows\system32\drivers\Wof.sys
13:11:38.0971 0x2c24  Wof - ok
13:11:39.0017 0x2c24  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\windows\system32\workfolderssvc.dll
13:11:39.0064 0x2c24  workfolderssvc - ok
13:11:39.0080 0x2c24  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
13:11:39.0080 0x2c24  WPDBusEnum - ok
13:11:39.0096 0x2c24  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
13:11:39.0096 0x2c24  WpdUpFltr - ok
13:11:39.0111 0x2c24  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\windows\system32\WpnService.dll
13:11:39.0127 0x2c24  WpnService - ok
13:11:39.0127 0x2c24  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\windows\System32\WpnUserService.dll
13:11:39.0143 0x2c24  WpnUserService - ok
13:11:39.0143 0x2c24  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
13:11:39.0158 0x2c24  ws2ifsl - ok
13:11:39.0158 0x2c24  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\windows\System32\wscsvc.dll
13:11:39.0174 0x2c24  wscsvc - ok
13:11:39.0174 0x2c24  WSearch - ok
13:11:39.0221 0x2c24  [ A44EAEFD97814D970870F393A06E6F43, 58EF20121E656F1FBB7ADD9AAE789DFE6E8BA9FB3363678645708C9DDEB9814E ] wuauserv        C:\windows\system32\wuaueng.dll
13:11:39.0283 0x2c24  wuauserv - ok
13:11:39.0299 0x2c24  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
13:11:39.0314 0x2c24  WudfPf - ok
13:11:39.0314 0x2c24  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
13:11:39.0330 0x2c24  WUDFRd - ok
13:11:39.0330 0x2c24  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\windows\System32\WUDFSvc.dll
13:11:39.0346 0x2c24  wudfsvc - ok
13:11:39.0361 0x2c24  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
13:11:39.0377 0x2c24  WUDFWpdFs - ok
13:11:39.0377 0x2c24  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
13:11:39.0393 0x2c24  WUDFWpdMtp - ok
13:11:39.0424 0x2c24  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\windows\System32\wwansvc.dll
13:11:39.0455 0x2c24  WwanSvc - ok
13:11:39.0502 0x2c24  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\windows\System32\XblAuthManager.dll
13:11:39.0533 0x2c24  XblAuthManager - ok
13:11:39.0564 0x2c24  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\windows\System32\XblGameSave.dll
13:11:39.0611 0x2c24  XblGameSave - ok
13:11:39.0611 0x2c24  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\windows\System32\drivers\xboxgip.sys
13:11:39.0627 0x2c24  xboxgip - ok
13:11:39.0658 0x2c24  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\windows\system32\XboxNetApiSvc.dll
13:11:39.0689 0x2c24  XboxNetApiSvc - ok
13:11:39.0689 0x2c24  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\windows\System32\drivers\xinputhid.sys
13:11:39.0705 0x2c24  xinputhid - ok
13:11:39.0705 0x2c24  ================ Scan global ===============================
13:11:39.0705 0x2c24  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\windows\system32\basesrv.dll
13:11:39.0721 0x2c24  [ F109EE1ACA4F7E5714C892D2B01D0890, 1915BD17558BE17C3242AF014351676D47E22A7E8A455A14C23B564E726DB061 ] C:\windows\system32\winsrv.dll
13:11:39.0721 0x2c24  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\windows\system32\sxssrv.dll
13:11:39.0736 0x2c24  [ 9A3B47CD17283B299311013AD3D21D26, 48D5695E7610E7A742E403B2C37664D961E466C10E4FFAE07C8AB6B5BE5F7BF8 ] C:\windows\system32\services.exe
13:11:39.0736 0x2c24  [ Global ] - ok
13:11:39.0736 0x2c24  ================ Scan MBR ==================================
13:11:39.0736 0x2c24  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:11:39.0830 0x2c24  \Device\Harddisk0\DR0 - ok
13:11:39.0830 0x2c24  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:11:39.0846 0x2c24  \Device\Harddisk1\DR1 - ok
13:11:39.0846 0x2c24  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk2\DR2
13:11:39.0908 0x2c24  \Device\Harddisk2\DR2 - ok
13:11:39.0908 0x2c24  [ DDAE9D649DB12F6AFF24483F2C298989 ] \Device\Harddisk3\DR3
13:11:39.0971 0x2c24  \Device\Harddisk3\DR3 - ok
13:11:39.0971 0x2c24  ================ Scan VBR ==================================
13:11:39.0986 0x2c24  [ 0D33423372B746DFCFE851F08CFE8584 ] \Device\Harddisk0\DR0\Partition1
13:11:39.0986 0x2c24  \Device\Harddisk0\DR0\Partition1 - ok
13:11:39.0986 0x2c24  [ F8E8043A6639333302661C8408F3A3DA ] \Device\Harddisk0\DR0\Partition2
13:11:39.0986 0x2c24  \Device\Harddisk0\DR0\Partition2 - ok
13:11:39.0986 0x2c24  [ 629E5F1714D8BC1ABCFA7532BFBBDC2D ] \Device\Harddisk1\DR1\Partition1
13:11:39.0986 0x2c24  \Device\Harddisk1\DR1\Partition1 - ok
13:11:39.0986 0x2c24  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
13:11:39.0986 0x2c24  \Device\Harddisk1\DR1\Partition2 - ok
13:11:39.0986 0x2c24  [ 71C42354EBF969FFA251BB44FF83D893 ] \Device\Harddisk1\DR1\Partition3
13:11:39.0986 0x2c24  \Device\Harddisk1\DR1\Partition3 - ok
13:11:40.0002 0x2c24  [ BA875B2DB8CD24E4C32CCEB64DF9800F ] \Device\Harddisk1\DR1\Partition4
13:11:40.0002 0x2c24  \Device\Harddisk1\DR1\Partition4 - ok
13:11:40.0002 0x2c24  [ 2C348376FF55A80EBE65AC340CB1BAB3 ] \Device\Harddisk1\DR1\Partition5
13:11:40.0002 0x2c24  \Device\Harddisk1\DR1\Partition5 - ok
13:11:40.0002 0x2c24  [ 73236A0C2ED494001A32CF9223ABB9DE ] \Device\Harddisk2\DR2\Partition1
13:11:40.0002 0x2c24  \Device\Harddisk2\DR2\Partition1 - ok
13:11:40.0002 0x2c24  [ 7B02706D31DBAED2D11F6251B9D2052C ] \Device\Harddisk3\DR3\Partition1
13:11:40.0002 0x2c24  \Device\Harddisk3\DR3\Partition1 - ok
13:11:40.0002 0x2c24  ================ Scan generic autorun ======================
13:11:40.0002 0x2c24  [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
13:11:40.0018 0x2c24  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
13:11:40.0127 0x2c24  Detect skipped due to KSN trusted
13:11:40.0127 0x2c24  IAStorIcon - ok
13:11:40.0361 0x2c24  [ 9FF986F535FE279E6A34CF37C46D8D1C, 5DE7DB245725760B68D6DD4E55556F100B85114F159183B0C3FA4CFA86A79AFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:11:40.0643 0x2c24  RTHDVCPL - ok
13:11:40.0674 0x2c24  [ 5F6A6961E2DF5C60F3D17C043D492E88, BAC1FC11FC0A960018F1661290D899B6FEB8D8F0683288BA310FCF30C77F7CB8 ] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
13:11:40.0674 0x2c24  BtServer - ok
13:11:40.0690 0x2c24  [ 261FA7FC23C71C4D4CCD1516248C7601, 65FDFE293BAFA6CABC998E08B475772EBB0FF77E10D90D6F412CC50325879236 ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
13:11:40.0690 0x2c24  CLMLServer_For_P2G8 - ok
13:11:40.0705 0x2c24  [ ECBB2D38A1F29E48412007D679943AB3, B933B2596DBA71E8FDFA03ACAC0CDC8E797A793D3D342A609A803466CE78FFD6 ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
13:11:40.0705 0x2c24  CLVirtualDrive - ok
13:11:40.0721 0x2c24  [ AF9688A90020A67F271D54E503F84C26, 538E068126D072F64BE7BC1B5902D20B6755EF7F7B1C3A04F82C9C97BE0AD50E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
13:11:40.0721 0x2c24  Avira SystrayStartTrigger - ok
13:11:40.0736 0x2c24  [ 30ECFDFE0FAE38B0608A23B444A1A04D, C61EFB59D3ACA2C7345E17099265D62C37F9F34DA026519A58C297350A561945 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
13:11:40.0768 0x2c24  avgnt - ok
13:11:40.0924 0x2c24  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:11:41.0065 0x2c24  OneDriveSetup - ok
13:11:41.0205 0x2c24  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:11:41.0346 0x2c24  OneDriveSetup - ok
13:11:41.0487 0x2c24  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:11:41.0612 0x2c24  OneDriveSetup - ok
13:11:41.0643 0x2c24  [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Floh\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:11:41.0674 0x2c24  OneDrive - ok
13:11:41.0799 0x2c24  [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] D:\Steam\steam.exe
13:11:41.0846 0x2c24  Steam - ok
13:11:41.0846 0x2c24  Waiting for KSN requests completion. In queue: 232
13:11:42.0862 0x2c24  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.26.45 ), 0x41000 ( enabled : updated )
13:11:42.0878 0x2c24  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
13:11:42.0878 0x2c24  Win FW state via NFP2: enabled ( trusted )
13:11:43.0034 0x2c24  ============================================================
13:11:43.0034 0x2c24  Scan finished
13:11:43.0034 0x2c24  ============================================================
13:11:43.0034 0x1358  Detected object count: 0
13:11:43.0034 0x1358  Actual detected object count: 0
13:12:24.0764 0x25f4  Deinitialize success

M-K-D-B · 27.05.2017, 13:22

Servus,

Schritt 1

Deinstalliere über die Systemsteuerung (Bebilderte Anleitung):
- chip 1-click download service
Starte den Rechner im Anschluss neu auf.

Schritt 2
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Rakdos · 28.05.2017, 07:15

Okay, Schritt 1 wurde durchgeführt, nun Schritt 2:

Code:

ATTFilter

# AdwCleaner v6.046 - Bericht erstellt am 28/05/2017 um 08:03:24
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-26.6 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Floh - DESKTOP-TSI6RU0
# Gestartet von : C:\Users\Floh\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\defaultuser0\AppData\Local\Host App Service
[-] Ordner gelöscht: C:\Users\Floh\AppData\Local\Temp\DMR


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1198 Bytes] - [28/05/2017 08:03:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [1433 Bytes] - [28/05/2017 08:02:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1344 Bytes] ##########

Beginne nun Schritt 3

Schritt 3

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 28.05.17
Scan-Zeit: 08:09
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.2036
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-TSI6RU0\Floh

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 384044
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 1 Min., 36 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Schritt 4, zuerst FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Floh (Administrator) auf DESKTOP-TSI6RU0 (28-05-2017 08:13:29)
Gestartet von C:\Users\Floh\Desktop
Geladene Profile: Floh &  (Verfügbare Profile: defaultuser0 & Floh)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\runSW.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Realtek) C:\Windows\SwUSB.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Valve Corporation) D:\Steam\Steam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-01-20] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2016-01-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase6_18_erinnerung.lnk [2017-01-24]
ShortcutTarget: phase6_18_erinnerung.lnk -> D:\phase6\phase6_18\WinStart\WinStart.exe (phase6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6a5a4a31-f2ea-42a1-a9da-78fa0e3e2576}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fe23c381-270f-46ce-be84-2e65f273da19}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: nsqq5y44.default
FF ProfilePath: C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\nsqq5y44.default -> hxxps://duckduckgo.com/
FF Extension: (Avira Browser Safety) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Racism Simulator) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{24966bf9-1f0a-48b0-8745-7a02dc5ff345}.xpi [2017-04-20]
FF Extension: (Adblock Plus) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-638367787-3787977131-1498176509-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-27] ()
FF Plugin HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-27] ()
FF Plugin HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-27] ()

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S4 debugregsvc; C:\windows\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\Windows\System32\DeveloperToolsSvc.exe [104448 2017-03-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2147216 2017-05-05] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3116440 2017-05-05] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 SshBroker; C:\windows\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
S3 SshProxy; C:\windows\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S4 WebManagement; C:\windows\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [161824 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [163976 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [48584 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-28] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\drivers\farflt.sys [113592 2017-05-28] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [43968 2017-05-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-28] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [93624 2017-05-28] (Malwarebytes)
S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
S3 RtkAvrcp; C:\windows\System32\drivers\RtkAvrcp.sys [67840 2015-09-09] (Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\windows\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [611096 2015-09-15] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\windows\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 08:13 - 2017-05-28 08:13 - 00018130 _____ C:\Users\Floh\Desktop\FRST.txt
2017-05-28 08:11 - 2017-05-28 08:11 - 00001389 _____ C:\Users\Floh\Desktop\mbam.txt
2017-05-28 08:07 - 2017-05-28 08:08 - 00093624 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00251832 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00187320 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00113592 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-28 08:07 - 2017-05-09 16:37 - 00077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-05-28 08:05 - 2017-05-28 08:06 - 63364552 _____ (Malwarebytes ) C:\Users\Floh\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-28 08:00 - 2017-05-28 08:00 - 04102600 _____ C:\Users\Floh\Desktop\AdwCleaner_6.046.exe
2017-05-28 07:58 - 2017-05-28 08:03 - 00000000 ____D C:\AdwCleaner
2017-05-27 13:10 - 2017-05-27 13:12 - 00270154 _____ C:\TDSSKiller.3.1.0.15_27.05.2017_13.10.27_log.txt
2017-05-27 13:09 - 2017-05-27 13:10 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Floh\Desktop\tdsskiller.exe
2017-05-27 13:08 - 2017-05-27 13:08 - 00054681 _____ C:\Users\Floh\Desktop\Addition-1.txt
2017-05-27 13:07 - 2017-05-28 08:13 - 00000000 ____D C:\FRST
2017-05-27 13:07 - 2017-05-27 13:08 - 00094905 _____ C:\Users\Floh\Desktop\FRST-1.txt
2017-05-27 13:06 - 2017-05-27 13:07 - 02429952 _____ (Farbar) C:\Users\Floh\Desktop\FRST64.exe
2017-05-27 10:15 - 2017-05-27 10:15 - 01496584 _____ C:\Users\Floh\Downloads\HijackThis - CHIP-Installer.exe
2017-05-27 10:15 - 2017-05-27 10:15 - 00000000 ____D C:\Users\Floh\AppData\Local\Downloaded Installations
2017-05-25 07:55 - 2017-05-25 07:55 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Users\Floh\AppData\Local\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-25 07:07 - 2017-05-25 07:07 - 01130328 _____ (Google Inc.) C:\Users\Floh\Downloads\ChromeSetup.exe
2017-05-24 07:56 - 2017-05-24 07:56 - 00000000 ____D C:\Users\Floh\Documents\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-24 07:55 - 2017-05-24 07:56 - 00000000 ____D C:\ProgramData\Samsung
2017-05-24 07:55 - 2017-05-24 07:55 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-05-24 07:55 - 2017-01-16 08:26 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudmdm.sys
2017-05-24 07:55 - 2017-01-16 08:26 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudbus.sys
2017-05-24 07:55 - 2016-12-09 09:04 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\windows\SysWOW64\secman.dll
2017-05-17 15:26 - 2017-05-17 15:26 - 00003160 _____ C:\windows\System32\Tasks\StartCN
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\windows\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\windows\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\windows\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\windows\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\windows\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\windows\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\windows\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\windows\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\windows\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\windows\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\windows\system32\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\windows\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2017-05-16 13:57 - 2017-05-16 13:57 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-05-15 15:29 - 2017-05-15 15:29 - 00000202 _____ C:\Users\Floh\Desktop\NOT A HERO.url
2017-05-15 15:23 - 2017-05-15 15:23 - 00000202 _____ C:\Users\Floh\Desktop\The Binding of Isaac.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Binary Domain.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Antichamber.url
2017-05-14 22:13 - 2017-05-14 22:13 - 00365636 _____ C:\windows\Minidump\051417-6718-01.dmp
2017-05-10 20:09 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2017-05-10 20:09 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-05-10 20:09 - 2017-04-28 02:56 - 02048488 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-05-10 20:09 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scmbus.sys
2017-05-10 20:09 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-05-10 20:09 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManager.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2017-05-10 20:09 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-05-10 20:09 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-05-10 20:09 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2017-05-10 20:09 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2017-05-10 20:09 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-05-10 20:09 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-05-10 20:09 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReInfo.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExSMime.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\BthTelemetry.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\virtdisk.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovhost.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserMgrProxy.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgent.exe
2017-05-10 20:09 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\windows\SysWOW64\StoreAgent.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsreg.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastlsext.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncSettings.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2017-05-10 20:09 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 20:09 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\deviceaccess.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\vaultcli.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2017-05-10 20:09 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\windows\SysWOW64\efswrt.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\windows\SysWOW64\EmailApis.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppContracts.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\AboveLockAppHost.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AccountsControl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\CryptoWinRT.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\windows\SysWOW64\LogonController.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 20:09 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Editing.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTMediaFrame.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsnt.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Energy.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiver.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dlnashext.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\dialclient.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthLEEnum.sys
2017-05-10 20:09 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToReceiver.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetails.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_sr.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCRecvSrc.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\CameraCaptureUI.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Geolocation.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Devices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.Http.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2017-05-10 20:09 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-05-10 20:09 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-05-10 20:09 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-05-10 20:09 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-05-10 20:09 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2017-05-10 20:09 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2017-05-10 20:09 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-05-10 20:09 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-05-10 20:09 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-05-10 20:09 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2017-05-10 20:09 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataAccountApis.dll
2017-05-10 20:09 - 2017-03-04 08:22 - 00265728 _____ C:\windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 20:09 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-05-10 20:09 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 20:09 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2017-05-10 20:09 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2017-05-10 20:09 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-05-10 20:08 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-05-10 20:08 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-05-10 20:08 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-05-10 20:08 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostCommon.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2017-05-10 20:08 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-05-10 20:08 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2017-05-10 20:08 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2017-05-10 20:08 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-05-10 20:08 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\windows\system32\MMDevAPI.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHost.dll
2017-05-10 20:08 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-05-10 20:08 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-05-10 20:08 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2017-05-10 20:08 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-05-10 20:08 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:08 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspppoe.sys
2017-05-10 20:08 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2017-05-10 20:08 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2017-05-10 20:08 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2017-05-10 20:08 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\Family.SyncEngine.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-05-10 20:08 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\Family.Client.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Printers.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFi.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\FlightSettings.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\windows\system32\rastlsext.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Input.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ C:\windows\system32\Windows.Perception.Stub.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\shutdownux.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2017-05-10 20:08 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Lights.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\UserMgrProxy.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\credprovhost.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-05-10 20:08 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Scanners.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\PrintWSDAHost.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\windows\system32\CellularAPI.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\efswrt.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\windows\system32\SyncSettings.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\windows\system32\InstallAgentUserBroker.exe
2017-05-10 20:08 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\windows\system32\DeviceFlows.DataModel.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\oleacc.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs3D.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\ConhostV2.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\deviceaccess.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\AboveLockAppHost.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\RTMediaFrame.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Energy.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dlnashext.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\dialclient.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\PlayToReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\catsrvps.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\windows\system32\wsp_sr.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetails.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\CameraCaptureUI.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\windows\system32\EmailApis.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\windows\system32\MCRecvSrc.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\windows\system32\Windows.AccountsControl.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\GamePanel.exe
2017-05-10 20:08 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\DevicesFlowBroker.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Devices.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\windows\system32\Unistore.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2017-05-10 20:08 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Geolocation.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Midi.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrSvc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2017-05-10 20:08 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\windows\system32\CryptoWinRT.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2017-05-10 20:08 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Http.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\windows\system32\LogonController.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-05-10 20:08 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-05-10 20:08 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2017-05-10 20:08 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\windows\system32\LicenseManager.dll
2017-05-10 20:08 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-05-10 20:08 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\indexeddbserver.dll
2017-05-10 20:08 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2017-05-10 20:08 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Editing.dll
2017-05-10 20:08 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\OneBackupHandler.dll
2017-05-10 20:07 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2017-05-10 20:07 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
2017-05-10 20:07 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fsdepends.sys
2017-05-10 20:07 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2017-05-10 20:07 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-05-10 20:07 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-05-10 20:07 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\BthTelemetry.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-05-10 20:07 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\virtdisk.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryBroker.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\ConsentUX.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\dafBth.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\vaultcli.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
2017-05-10 20:07 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2017-05-10 20:07 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2017-05-10 20:07 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\adsnt.dll
2017-05-10 20:07 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
2017-05-10 20:07 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2017-05-10 20:07 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2017-05-10 20:07 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-05-10 20:07 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2017-05-10 20:07 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-05-10 20:07 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\spaceman.exe
2017-05-10 20:07 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2017-05-08 06:36 - 2017-05-08 06:36 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-06 09:06 - 2017-05-06 09:06 - 00380724 _____ C:\windows\Minidump\050617-7000-01.dmp
2017-04-30 22:56 - 2017-05-13 21:32 - 00001753 _____ C:\Users\Floh\Desktop\Neues Textdokument.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 08:13 - 2016-12-30 15:10 - 00000000 ____D C:\Users\Floh\AppData\LocalLow\Mozilla
2017-05-28 08:10 - 2016-08-10 16:29 - 01844230 _____ C:\windows\system32\perfh007.dat
2017-05-28 08:10 - 2016-08-10 16:29 - 00621658 _____ C:\windows\system32\perfc007.dat
2017-05-28 08:10 - 2016-08-10 11:57 - 04481562 _____ C:\windows\system32\PerfStringBackup.INI
2017-05-28 08:07 - 2016-07-16 13:47 - 00000000 ____D C:\windows\AppReadiness
2017-05-28 08:04 - 2017-01-23 19:13 - 00000000 ____D C:\Users\Public\Documents\phase6_18_Daten
2017-05-28 08:04 - 2016-08-10 11:49 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-05-28 08:03 - 2016-08-12 13:27 - 00065536 _____ C:\windows\system32\spu_storage.bin
2017-05-28 08:03 - 2016-07-16 08:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-05-28 07:55 - 2016-12-18 16:58 - 00000000 ____D C:\Users\Floh
2017-05-28 07:42 - 2016-12-30 20:26 - 00000000 ____D C:\Users\Floh\AppData\Local\Warframe
2017-05-27 21:38 - 2016-08-10 11:49 - 00000000 ____D C:\windows\system32\SleepStudy
2017-05-27 11:07 - 2016-12-18 16:59 - 00000000 ____D C:\Users\Floh\AppData\Local\Packages
2017-05-27 11:06 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 08:02 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 08:01 - 2016-08-11 11:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-25 18:32 - 2016-07-16 13:45 - 00000000 ____D C:\windows\INF
2017-05-24 20:26 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\appraiser
2017-05-24 20:26 - 2016-07-16 13:36 - 00000000 ____D C:\windows\CbsTemp
2017-05-24 08:04 - 2016-08-11 14:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-23 20:13 - 2016-12-31 13:39 - 00000000 ____D C:\windows\system32\MRT
2017-05-23 20:12 - 2016-12-31 13:39 - 132223576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-17 15:25 - 2017-03-06 18:26 - 00000000 ____D C:\ProgramData\AMD
2017-05-17 15:25 - 2017-03-01 09:15 - 00000000 ____D C:\Program Files\AMD
2017-05-17 15:25 - 2016-12-30 15:16 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-01-25 02:29 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-01-25 02:29 - 00777088 _____ (AMD) C:\windows\system32\atieclxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00551808 _____ (AMD) C:\windows\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00278400 _____ C:\windows\system32\clinfo.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00029048 _____ (Microsoft Corporation) C:\windows\SysWOW64\detoured.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00365440 _____ C:\windows\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00276352 _____ C:\windows\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2017-05-14 22:13 - 2017-01-22 14:50 - 858491974 _____ C:\windows\MEMORY.DMP
2017-05-14 22:13 - 2017-01-22 14:50 - 00000000 ____D C:\windows\Minidump
2017-05-13 18:24 - 2016-07-16 13:47 - 00000000 ____D C:\windows\rescache
2017-05-13 15:22 - 2017-01-03 13:20 - 00000000 ____D C:\Users\Floh\AppData\Local\Adobe
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\Macromed
2017-05-11 07:13 - 2016-08-10 11:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 07:07 - 2016-08-10 11:49 - 00358496 _____ C:\windows\system32\FNTCACHE.DAT
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\SysWOW64\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\system32\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\oobe
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\ShellExperiences
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\Provisioning
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\PolicyDefinitions
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 22:37 - 2016-07-16 08:04 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-05-10 19:50 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-05-08 06:36 - 2016-12-30 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-08 06:35 - 2016-08-11 14:14 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-05 22:39 - 2016-12-30 17:10 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Origin
2017-05-05 22:39 - 2016-12-30 17:06 - 00000000 ____D C:\ProgramData\Origin
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-08-10 11:54 - 02717184 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-18 16:59 - 2017-05-28 08:04 - 16220161 _____ () C:\Users\Floh\AppData\Local\BTServer.log
2016-08-11 14:32 - 2016-08-11 14:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-03-01 09:09 - 2017-03-01 09:09 - 1177480 _____ () C:\Users\Floh\AppData\Local\Temp\AMDCleanupUtility.exe
2017-03-01 09:09 - 2017-03-01 09:09 - 0250248 _____ () C:\Users\Floh\AppData\Local\Temp\Cleanup.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0065536 _____ (Windows (R) Server 2003 DDK provider) C:\Users\Floh\AppData\Local\Temp\ddu.exe
2017-01-23 19:13 - 2017-05-16 15:34 - 0196608 _____ (Sony DADC Austria AG) C:\Users\Floh\AppData\Local\Temp\drm_dyndata_7260005.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0516096 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcm80.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 1061376 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcp80.dll
2017-03-01 09:09 - 2017-03-01 09:09 - 0796672 _____ (Microsoft Corporation) C:\Users\Floh\AppData\Local\Temp\msvcr80.dll
2017-01-21 20:54 - 2017-01-21 20:54 - 6441176 _____ (Black Tree Gaming                                           ) C:\Users\Floh\AppData\Local\Temp\Nexus Mod Manager-0.63.13.exe
2016-12-30 15:09 - 2016-12-30 15:10 - 54267784 _____ (SweetLabs,Inc.) C:\Users\Floh\AppData\Local\Temp\octE9AB.tmp.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-18 19:34

==================== Ende von FRST.txt ============================

Rakdos · 28.05.2017, 07:15

Jetzt Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Floh (28-05-2017 08:13:53)
Gestartet von C:\Users\Floh\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-18 14:51:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-638367787-3787977131-1498176509-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-638367787-3787977131-1498176509-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-638367787-3787977131-1498176509-1000 - Limited - Disabled) => C:\Users\defaultuser0
Floh (S-1-5-21-638367787-3787977131-1498176509-1001 - Administrator - Enabled) => C:\Users\Floh
Gast (S-1-5-21-638367787-3787977131-1498176509-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4118.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.5115 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.5115 - CyberLink Corp.) Hidden
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
Galactic Civilizations I: Ultimate Edition (HKLM\...\Steam App 214150) (Version:  - Stardock Entertainment)
Grey Goo (HKLM\...\Steam App 290790) (Version:  - Petroglyph)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Life App Explorer (HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821097\...\Host App Service) (Version: 0.272.1.252 - SweetLabs)
Life App Explorer (HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906220\...\Host App Service) (Version: 0.272.1.252 - SweetLabs)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LISA (HKLM\...\Steam App 335670) (Version:  - Dingaling)
LUFTRAUSERS (HKLM\...\Steam App 233150) (Version:  - Vlambeer)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metro 2033 (HKLM\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
phase6_18 (HKLM-x32\...\{20C3DEAF-801D-4C3E-9826-E62EE16DB7AB}) (Version: 1.80.0000 - phase6)
Prey (HKLM\...\Steam App 3970) (Version:  - Humanhead Studios)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.876.867.092115 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version:  - The SKSE Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sunless Sea (HKLM\...\Steam App 304650) (Version:  - Failbetter Games)
SUPERHOT (HKLM\...\Steam App 322500) (Version:  - SUPERHOT Team)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Valkyria Chronicles™ (HKLM\...\Steam App 294860) (Version:  - SEGA)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Warhammer 40,000 Space Marine (HKLM\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM\...\Steam App 15620) (Version:  - Relic Entertainment)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08665561-B73E-4DDE-B9E0-23B2F0F15EC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {44454128-0EF9-421B-B0C2-F72969E18B9F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {629FC0E5-C039-4AFB-81A9-F344EE3FFF15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {B0E03B1B-FD11-490D-BD08-D239308BD306} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {BD566748-CA6B-483B-8564-70DC1ADCDAA8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2016-01-08] (CyberLink Corp.)
Task: {BFBAD1DB-C5BA-4395-986E-275496DD9464} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {CF79F64E-8521-4785-844E-5FE4DEB30284} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {FE4C5C63-5759-49BD-B58D-488E475FE7D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {FF2A155C-9513-47AE-9058-21F37DF00BAB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\system32\CoreUIComponents.dll
2016-08-11 15:25 - 2015-07-20 21:19 - 00121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-05-19 11:11 - 2015-05-19 11:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-08-11 15:55 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-08-11 15:21 - 2014-12-12 19:24 - 00044760 _____ () C:\Windows\runSW.exe
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\SYSTEM32\CoreUIComponents.dll
2016-12-31 13:36 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:59 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:00 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-08-11 15:25 - 2014-07-03 11:22 - 00277720 _____ () C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-26 07:58 - 2017-05-26 07:58 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-26 07:58 - 2017-05-26 07:58 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-28 08:07 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-05 18:54 - 2017-05-05 18:54 - 02493440 _____ () D:\Origin\libGLESv2.dll
2017-03-23 14:32 - 2017-03-10 02:13 - 00674592 _____ () D:\Steam\SDL2.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 04969248 _____ () D:\Steam\v8.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 02465056 _____ () D:\Steam\video.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01563936 _____ () D:\Steam\icui18n.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01195296 _____ () D:\Steam\icuuc.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL
2016-12-30 16:50 - 2016-07-05 00:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-08-11 15:54 - 2014-12-08 09:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 17:28 - 2014-12-08 17:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-03-10 08:29 - 2017-01-30 23:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00383776 _____ () D:\Steam\steam.dll
2015-07-22 02:18 - 2015-07-22 02:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\sharepoint.com -> hxxps://kettelerkolleg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\...\sharepoint.com -> hxxps://kettelerkolleg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\...\sharepoint.com -> hxxps://kettelerkolleg-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821068\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906184\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821082\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906205\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821097\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906220\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Control Panel\Desktop\\Wallpaper -> I:\General\Scenery\All+right+i+ll+give+you+this+instead+_40f57feac904ddf8eff0fa6b078fda87.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\Control Panel\Desktop\\Wallpaper -> I:\General\Scenery\All+right+i+ll+give+you+this+instead+_40f57feac904ddf8eff0fa6b078fda87.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\Control Panel\Desktop\\Wallpaper -> I:\General\Scenery\All+right+i+ll+give+you+this+instead+_40f57feac904ddf8eff0fa6b078fda87.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9EC93779-6D43-4ED7-A1D6-848A6D876D1E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{90A222DB-3083-4110-BA58-0F782AC4678F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{00DE5B64-48AF-491D-841F-9B7EA716F71C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D2127402-3B54-47AC-B955-6BC54F479BAF}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/28/2017 08:10:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 08:10:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 08:08:17 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/28/2017 07:04:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 07:04:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 07:03:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/27/2017 10:21:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: consent.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899acd
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902836c
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d5eab
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0x01d2d6c231a6649e
Pfad der fehlerhaften Anwendung: C:\windows\system32\consent.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 860b8c42-2b09-4da5-adec-cdfb3729e3cb
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/27/2017 07:16:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/27/2017 07:16:25 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/27/2017 07:14:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (05/28/2017 08:06:50 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 08:04:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 08:04:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 08:03:41 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/28/2017 08:03:36 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (05/28/2017 08:03:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/28/2017 08:03:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office Click-to-Run Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/28/2017 08:03:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SAMSUNG Mobile Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 08:03:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/28/2017 08:03:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Security Assist" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6402P CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8146.64 MB
Verfügbarer physikalischer RAM: 5682.04 MB
Summe virtueller Speicher: 9426.64 MB
Verfügbarer virtueller Speicher: 6483.11 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.64 GB) (Free:76.53 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:665.87 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.47 GB) NTFS
Drive g: (PHASE_6_18) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8ABE4A17)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 8ABE4A28)

Partition: GPT.

==================== Ende von Addition.txt ============================

Und das waren alle Schritte.

M-K-D-B · 28.05.2017, 13:03

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Rakdos · 28.05.2017, 19:49

Schritt 1

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Floh (28-05-2017 19:47:49) Run:1
Gestartet von C:\Users\Floh\Desktop
Geladene Profile: Floh &  (Verfügbare Profile: defaultuser0 & Floh)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821097\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821097\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906220\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906220\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080821121\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-638367787-3787977131-1498176509-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05282017080906243\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2473878294 B
Java, Flash, Steam htmlcache => 89293656 B
Windows/system/drivers => 67330228 B
Edge => 1638216 B
Chrome => 0 B
Firefox => 401750880 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 25276 B
NetworkService => 5834 B
defaultuser0 => 284717 B
Floh => 673944047 B

RecycleBin => 754432877 B
EmptyTemp: => 4.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:50:06 ====

Schritt 2

Code:

ATTFilter

HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : DESKTOP-TSI6RU0
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : DESKTOP-TSI6RU0\Floh
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-05-28 19:54:37
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 20s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 4
   Traces  . . . . . . . : 11

   Objects scanned . . . : 1.612.690
   Files scanned . . . . : 24.641
   Remnants scanned  . . : 272.072 files / 1.315.977 keys

Malware _____________________________________________________________________

   C:\AdwCleaner\quarantine\files\zubekrqjqnmtadjduciukvfdmimwrtrr\dmr_72.exe
      Size . . . . . . . : 531.464 bytes
      Age  . . . . . . . : 0.5 days (2017-05-28 08:03:12)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : E8C94324346A70C2AE8D2320816BBC579578B443AF0F80ABBA75865892F15974
      Needs elevation  . : Yes
      Product  . . . . . : CHIP Secured Installer
      Publisher  . . . . : Chip Digital GmbH
      Description  . . . : CHIP Secured Installer
      Version  . . . . . : 2.1.4.4
      RSA Key Size . . . : 2048
      LanguageID . . . . : 0
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 95.0

   C:\AdwCleaner\quarantine\files\zubekrqjqnmtadjduciukvfdmimwrtrr\dmr_87.exe
      Size . . . . . . . : 531.464 bytes
      Age  . . . . . . . : 0.5 days (2017-05-28 08:03:12)
      Entropy  . . . . . : 6.7
      SHA-256  . . . . . : E8C94324346A70C2AE8D2320816BBC579578B443AF0F80ABBA75865892F15974
      Needs elevation  . : Yes
      Product  . . . . . : CHIP Secured Installer
      Publisher  . . . . : Chip Digital GmbH
      Description  . . . : CHIP Secured Installer
      Version  . . . . . : 2.1.4.4
      RSA Key Size . . . : 2048
      LanguageID . . . . : 0
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 95.0

   C:\Users\Floh\AppData\Local\PunkBuster\BC2\pb\pbclold.dll
      Size . . . . . . . : 891.962 bytes
      Age  . . . . . . . : 144.1 days (2017-01-04 17:00:27)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A324BDA2B890227F72D9F12323AD3FF51582CE312286C296F6558BD3F3927616
    > HitmanPro  . . . . : App/Punkbust-B
      Fuzzy  . . . . . . : 129.0

   C:\Users\Floh\Documents\BFBC2\pb\pbcl.dll
      Size . . . . . . . : 891.962 bytes
      Age  . . . . . . . : 144.1 days (2017-01-04 17:00:27)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A324BDA2B890227F72D9F12323AD3FF51582CE312286C296F6558BD3F3927616
    > HitmanPro  . . . . : App/Punkbust-B
      Fuzzy  . . . . . . : 129.0


Suspicious files ____________________________________________________________

   C:\$RECYCLE.BIN\S-1-5-21-638367787-3787977131-1498176509-1001\$R7V5KGT\FRST64.exe
      Size . . . . . . . : 2.429.952 bytes
      Age  . . . . . . . : 1.3 days (2017-05-27 13:06:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 2B4DE3E0A23A0E4A8C83875C0BA9A3FDC4B332D90777DC0D9624DB4876BCD630
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Floh\AppData\Local\PunkBuster\BC2\pb\dll\wc002305.dll
      Size . . . . . . . : 962.185 bytes
      Age  . . . . . . . : 143.2 days (2017-01-05 15:29:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Floh\AppData\Local\PunkBuster\BC2\pb\pbcl.dll
      Size . . . . . . . : 962.185 bytes
      Age  . . . . . . . : 143.2 days (2017-01-05 15:29:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Floh\AppData\Local\PunkBuster\BC2\pb\PnkBstrK.sys
      Size . . . . . . . : 139.048 bytes
      Age  . . . . . . . : 144.1 days (2017-01-04 17:00:39)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : A935B2B22381F56ED9F78AF35FE20333F974CB4CB1257763434B7667DE17AD57
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Floh\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953.886 bytes
      Age  . . . . . . . : 119.0 days (2017-01-29 19:56:35)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Floh\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.032 bytes
      Age  . . . . . . . : 119.0 days (2017-01-29 19:56:45)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Floh\Desktop\FRST64.exe
      Size . . . . . . . : 2.429.952 bytes
      Age  . . . . . . . : 0.0 days (2017-05-28 19:47:00)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A9AB096139FAB40B819EA9FAD0D325C808A0C7DAB9FBAC6D6E00BB781C85F562
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.5s C:\Users\Floh\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.5s C:\Users\Floh\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.3s C:\Users\Floh\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.3s C:\Users\Floh\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
          0.0s C:\Users\Floh\Desktop\FRST64.exe

Schritt 3

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2834b2e81914db40a6280c87311d801d
# end=init
# utc_time=2017-05-28 05:57:42
# local_time=2017-05-28 07:57:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 33535
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2834b2e81914db40a6280c87311d801d
# end=updated
# utc_time=2017-05-28 06:01:21
# local_time=2017-05-28 08:01:21 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2834b2e81914db40a6280c87311d801d
# engine=33535
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-05-28 06:45:09
# local_time=2017-05-28 08:45:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 96 13407 14964234 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1548486 27327723 0 0
# scanned=280093
# found=2
# cleaned=0
# scan_time=2628
sh=06E33278D473995EBB843A1FC99E964929DD9AD4 ft=1 fh=99ac218d6441f30b vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zubekrqjqnmtadjduciukvfdmimwrtrr\dmr_72.exe"
sh=06E33278D473995EBB843A1FC99E964929DD9AD4 ft=1 fh=99ac218d6441f30b vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\zubekrqjqnmtadjduciukvfdmimwrtrr\dmr_87.exe"

Schritt 4
FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-05-2017
durchgeführt von Floh (Administrator) auf DESKTOP-TSI6RU0 (28-05-2017 20:48:13)
Gestartet von C:\Users\Floh\Desktop
Geladene Profile: defaultuser0 & Floh (Verfügbare Profile: defaultuser0 & Floh)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\runSW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
(Realtek) C:\Windows\SwUSB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) D:\Steam\Steam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Electronic Arts) D:\Origin\OriginThinSetupInternal.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-01-20] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2016-01-20] (CyberLink Corp.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-04-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [912768 2017-04-29] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\Run: [Steam] => D:\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase6_18_erinnerung.lnk [2017-01-24]
ShortcutTarget: phase6_18_erinnerung.lnk -> D:\phase6\phase6_18\WinStart\WinStart.exe (phase6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6a5a4a31-f2ea-42a1-a9da-78fa0e3e2576}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fe23c381-270f-46ce-be84-2e65f273da19}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: nsqq5y44.default
FF ProfilePath: C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\nsqq5y44.default -> hxxps://duckduckgo.com/
FF Extension: (Avira Browser Safety) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\abs@avira.com.xpi [2017-04-05]
FF Extension: (Racism Simulator) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{24966bf9-1f0a-48b0-8745-7a02dc5ff345}.xpi [2017-04-20]
FF Extension: (Adblock Plus) - C:\Users\Floh\AppData\Roaming\Mozilla\Firefox\Profiles\nsqq5y44.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-638367787-3787977131-1498176509-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-27] ()

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1119712 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [488920 2017-04-29] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1520680 2017-04-29] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350120 2017-04-11] (Avira Operations GmbH & Co. KG)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-02] (Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
S4 debugregsvc; C:\windows\System32\debugregsvc.dll [29184 2016-07-15] (Microsoft Corporation)
S3 DeveloperToolsService; C:\Windows\System32\DeveloperToolsSvc.exe [104448 2017-03-28] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-22] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2147216 2017-05-05] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [3116440 2017-05-05] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
S3 SshBroker; C:\windows\System32\SshBroker.dll [360960 2016-12-21] (Microsoft Corporation)
S3 SshProxy; C:\windows\System32\SshProxy.dll [275456 2016-12-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S4 WebManagement; C:\windows\system32\WebManagement.exe [1000448 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Advanced Micro Devices)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [161824 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [163976 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [48584 2017-03-02] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R2 MBAMChameleon; C:\windows\system32\drivers\MBAMChameleon.sys [187320 2017-05-28] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\drivers\farflt.sys [113592 2017-05-28] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\drivers\mbam.sys [43968 2017-05-28] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [251832 2017-05-28] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\drivers\mwac.sys [93624 2017-05-28] (Malwarebytes)
S3 NetAdapterCx; C:\windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
S3 RtkAvrcp; C:\windows\System32\drivers\RtkAvrcp.sys [67840 2015-09-09] (Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\windows\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Realtek Semiconductor Corporation)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [611096 2015-09-15] (Realtek Semiconductor Corporation)
R3 RtlWlanu; C:\windows\System32\drivers\rtwlanu.sys [5195776 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: debugregsvc -> C:\Windows\System32\debugregsvc.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 20:48 - 2017-05-28 20:48 - 00017153 _____ C:\Users\Floh\Desktop\FRST.txt
2017-05-28 19:57 - 2017-05-28 19:57 - 02870984 _____ (ESET) C:\Users\Floh\Desktop\esetsmartinstaller_deu.exe
2017-05-28 19:53 - 2017-05-28 19:56 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-28 19:53 - 2017-05-28 19:53 - 11584088 _____ (SurfRight B.V.) C:\Users\Floh\Desktop\HitmanPro_x64.exe
2017-05-28 19:47 - 2017-05-28 19:50 - 00004195 _____ C:\Users\Floh\Desktop\Fixlog.txt
2017-05-28 08:13 - 2017-05-28 08:14 - 00098687 _____ C:\Users\Floh\Desktop\FRST-2.txt
2017-05-28 08:13 - 2017-05-28 08:14 - 00042738 _____ C:\Users\Floh\Desktop\Addition-2.txt
2017-05-28 08:11 - 2017-05-28 08:11 - 00001389 _____ C:\Users\Floh\Desktop\mbam.txt
2017-05-28 08:07 - 2017-05-28 19:50 - 00251832 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2017-05-28 08:07 - 2017-05-28 19:50 - 00113592 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2017-05-28 08:07 - 2017-05-28 19:50 - 00093624 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2017-05-28 08:07 - 2017-05-28 19:50 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00187320 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys
2017-05-28 08:07 - 2017-05-28 08:07 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-28 08:07 - 2017-05-28 08:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-28 08:07 - 2017-05-09 16:37 - 00077440 _____ C:\windows\system32\Drivers\mbae64.sys
2017-05-28 08:00 - 2017-05-28 08:00 - 04102600 _____ C:\Users\Floh\Desktop\AdwCleaner_6.046.exe
2017-05-28 07:58 - 2017-05-28 08:03 - 00000000 ____D C:\AdwCleaner
2017-05-27 13:10 - 2017-05-27 13:12 - 00270154 _____ C:\TDSSKiller.3.1.0.15_27.05.2017_13.10.27_log.txt
2017-05-27 13:09 - 2017-05-27 13:10 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Floh\Desktop\tdsskiller.exe
2017-05-27 13:08 - 2017-05-27 13:08 - 00054681 _____ C:\Users\Floh\Desktop\Addition-1.txt
2017-05-27 13:07 - 2017-05-28 20:48 - 00000000 ____D C:\FRST
2017-05-27 13:07 - 2017-05-27 13:08 - 00094905 _____ C:\Users\Floh\Desktop\FRST-1.txt
2017-05-27 13:06 - 2017-05-28 19:47 - 02429952 _____ (Farbar) C:\Users\Floh\Desktop\FRST64.exe
2017-05-27 10:15 - 2017-05-27 10:15 - 00000000 ____D C:\Users\Floh\AppData\Local\Downloaded Installations
2017-05-25 07:55 - 2017-05-25 07:55 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Users\Floh\AppData\Local\Google
2017-05-25 07:07 - 2017-05-25 09:50 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-24 07:56 - 2017-05-24 07:56 - 00000000 ____D C:\Users\Floh\Documents\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Samsung
2017-05-24 07:55 - 2017-05-24 08:04 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-05-24 07:55 - 2017-05-24 07:56 - 00000000 ____D C:\ProgramData\Samsung
2017-05-24 07:55 - 2017-05-24 07:55 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-05-24 07:55 - 2017-01-16 08:26 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudmdm.sys
2017-05-24 07:55 - 2017-01-16 08:26 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudbus.sys
2017-05-24 07:55 - 2016-12-09 09:04 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\windows\SysWOW64\secman.dll
2017-05-17 15:26 - 2017-05-17 15:26 - 00003160 _____ C:\windows\System32\Tasks\StartCN
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-17 15:26 - 2017-05-17 15:26 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-16 18:06 - 2017-05-16 18:06 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amfrt64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\windows\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00551808 _____ C:\windows\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00531328 _____ C:\windows\system32\GameManager64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00514424 _____ C:\windows\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00483712 _____ C:\windows\system32\atieah64.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00360312 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00334208 _____ C:\windows\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-05-16 18:06 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00242048 _____ C:\windows\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00122744 _____ (AMD) C:\windows\system32\atimuixx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00115072 _____ C:\windows\system32\atidxx64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00101760 _____ C:\windows\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ati2erec.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\windows\system32\detoured.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00573800 _____ C:\windows\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-05-16 18:05 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2017-05-16 13:57 - 2017-05-16 13:57 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2017-05-15 15:29 - 2017-05-15 15:29 - 00000202 _____ C:\Users\Floh\Desktop\NOT A HERO.url
2017-05-15 15:23 - 2017-05-15 15:23 - 00000202 _____ C:\Users\Floh\Desktop\The Binding of Isaac.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Binary Domain.url
2017-05-15 15:21 - 2017-05-15 15:21 - 00000202 _____ C:\Users\Floh\Desktop\Antichamber.url
2017-05-14 22:13 - 2017-05-14 22:13 - 00365636 _____ C:\windows\Minidump\051417-6718-01.dmp
2017-05-10 20:09 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
2017-05-10 20:09 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2017-05-10 20:09 - 2017-04-28 02:56 - 02048488 _____ C:\windows\SysWOW64\CoreUIComponents.dll
2017-05-10 20:09 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scmbus.sys
2017-05-10 20:09 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-05-10 20:09 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\windows\SysWOW64\windows.storage.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2017-05-10 20:09 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinapi.appcore.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\windows\SysWOW64\LicenseManager.dll
2017-05-10 20:09 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\windows\SysWOW64\WWAHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2017-05-10 20:09 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\windows\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2017-05-10 20:09 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinTypes.dll
2017-05-10 20:09 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\windows\SysWOW64\NetSetupEngine.dll
2017-05-10 20:09 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetsrc.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfasfsrcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfnetcore.dll
2017-05-10 20:09 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2017-05-10 20:09 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2017-05-10 20:09 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2017-05-10 20:09 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2017-05-10 20:09 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32full.dll
2017-05-10 20:09 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
2017-05-10 20:09 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 20:09 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataTimeUtil.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReInfo.dll
2017-05-10 20:09 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExSMime.dll
2017-05-10 20:09 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\BthTelemetry.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 20:09 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\virtdisk.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDeviceRegistration.dll
2017-05-10 20:09 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\windows\SysWOW64\DisplayManager.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 20:09 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\daxexec.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\BluetoothApis.dll
2017-05-10 20:09 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\windows\SysWOW64\credprovhost.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserMgrProxy.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgent.exe
2017-05-10 20:09 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppointmentActivation.dll
2017-05-10 20:09 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\windows\SysWOW64\StoreAgent.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsreg.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastlsext.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncSettings.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
2017-05-10 20:09 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthBroker.dll
2017-05-10 20:09 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 20:09 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 20:09 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleacc.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Internal.Management.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\deviceaccess.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\windows\SysWOW64\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\vaultcli.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepapi.dll
2017-05-10 20:09 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
2017-05-10 20:09 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\mbsmsapi.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\windows\SysWOW64\efswrt.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\apprepsync.dll
2017-05-10 20:09 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\windows\SysWOW64\updatepolicy.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\windows\SysWOW64\EmailApis.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppContracts.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\AboveLockAppHost.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintDialogs.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2017-05-10 20:09 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.AccountsControl.dll
2017-05-10 20:09 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\CryptoWinRT.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\windows\SysWOW64\LogonController.dll
2017-05-10 20:09 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 20:09 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\windows\SysWOW64\CPFilters.dll
2017-05-10 20:09 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 20:09 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_fs.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_health.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Editing.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\windows\SysWOW64\RTMediaFrame.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsnt.dll
2017-05-10 20:09 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Energy.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2017-05-10 20:09 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\windows\SysWOW64\MiracastReceiver.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpnapps.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToDevice.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
2017-05-10 20:09 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dlnashext.dll
2017-05-10 20:09 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\dialclient.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\windows\SysWOW64\mispace.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthLEEnum.sys
2017-05-10 20:09 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\WinRtTracing.dll
2017-05-10 20:09 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Core.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 20:09 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToReceiver.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ErrorDetails.dll
2017-05-10 20:09 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Audio.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsp_sr.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCRecvSrc.dll
2017-05-10 20:09 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\CameraCaptureUI.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PlayToManager.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Geolocation.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsApi.dll
2017-05-10 20:09 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Devices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Speech.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Logon.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.Http.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2017-05-10 20:09 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\windows\SysWOW64\MbaeApiPublic.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ShareHost.dll
2017-05-10 20:09 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\windows\system32\WwaApi.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2017-05-10 20:09 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2017-05-10 20:09 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-05-10 20:09 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-05-10 20:09 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2017-05-10 20:09 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\usocore.dll
2017-05-10 20:09 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\windows\system32\WebcamUi.dll
2017-05-10 20:09 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Ocr.dll
2017-05-10 20:09 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2017-05-10 20:09 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2017-05-10 20:09 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Perception.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2017-05-10 20:09 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\wuuhext.dll
2017-05-10 20:09 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2017-05-10 20:09 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2017-05-10 20:09 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2017-05-10 20:09 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserDataAccountApis.dll
2017-05-10 20:09 - 2017-03-04 08:22 - 00265728 _____ C:\windows\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 20:09 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2017-05-10 20:09 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 20:09 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 20:09 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2017-05-10 20:09 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2017-05-10 20:09 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\windows\SysWOW64\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 20:08 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\windows\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-05-10 20:08 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-05-10 20:08 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2017-05-10 20:08 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ C:\windows\system32\CoreUIComponents.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2017-05-10 20:08 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2017-05-10 20:08 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Storage.ApplicationData.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\windows\system32\windows.storage.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\windows\system32\WWAHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2017-05-10 20:08 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2017-05-10 20:08 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHostCommon.dll
2017-05-10 20:08 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2017-05-10 20:08 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2017-05-10 20:08 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\windows\system32\WinTypes.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\windows\system32\NetSetupEngine.dll
2017-05-10 20:08 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
2017-05-10 20:08 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
2017-05-10 20:08 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\windows\system32\mfasfsrcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\windows\system32\mfmpeg2srcsnk.dll
2017-05-10 20:08 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\windows\explorer.exe
2017-05-10 20:08 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\windows\system32\mfnetcore.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\windows\system32\MMDevAPI.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2017-05-10 20:08 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\windows\system32\CloudExperienceHost.dll
2017-05-10 20:08 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\windows\system32\gdi32full.dll
2017-05-10 20:08 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2017-05-10 20:08 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2017-05-10 20:08 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2017-05-10 20:08 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-05-10 20:08 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-05-10 20:08 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-05-10 20:08 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\RDXTaskFactory.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2017-05-10 20:08 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-05-10 20:08 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 20:08 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\windows\system32\UserDataTimeUtil.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
2017-05-10 20:08 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2017-05-10 20:08 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspppoe.sys
2017-05-10 20:08 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2017-05-10 20:08 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2017-05-10 20:08 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vwifimp.sys
2017-05-10 20:08 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\Family.SyncEngine.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\MusNotification.exe
2017-05-10 20:08 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\DisplayManager.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\Family.Client.dll
2017-05-10 20:08 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Printers.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFi.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\windows\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 20:08 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\browserbroker.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\FlightSettings.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\windows\system32\rastlsext.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Radios.dll
2017-05-10 20:08 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryClient.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Gaming.Input.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ C:\windows\system32\Windows.Perception.Stub.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\shutdownux.dll
2017-05-10 20:08 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\InstallAgent.exe
2017-05-10 20:08 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Lights.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.AllJoyn.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.LowLevel.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\windows\system32\UserMgrProxy.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\credprovhost.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-05-10 20:08 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Scanners.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2017-05-10 20:08 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\PrintWSDAHost.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\windows\system32\StoreAgent.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\windows\system32\CellularAPI.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\ieproxy.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\windows\system32\efswrt.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\windows\system32\apprepsync.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\windows\system32\SyncSettings.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\updatehandlers.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\windows\system32\InstallAgentUserBroker.exe
2017-05-10 20:08 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\AuthBroker.dll
2017-05-10 20:08 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\windows\system32\DeviceFlows.DataModel.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Management.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\oleacc.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Picker.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs3D.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 20:08 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\windows\system32\apprepapi.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.PointOfService.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\Windows.Internal.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\windows\system32\ConhostV2.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\deviceaccess.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\windows\system32\AboveLockAppHost.dll
2017-05-10 20:08 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\updatepolicy.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\windows\system32\mbsmsapi.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Enumeration.dll
2017-05-10 20:08 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Usb.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\windows\system32\wlidsvc.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\windows\system32\wsp_fs.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\windows\system32\wsp_health.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\windows\system32\RTMediaFrame.dll
2017-05-10 20:08 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-05-10 20:08 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Energy.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2017-05-10 20:08 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\windows\system32\fvecpl.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\windows\system32\MiracastReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\windows\system32\wpnapps.dll
2017-05-10 20:08 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\PlayToDevice.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dlnashext.dll
2017-05-10 20:08 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\dialclient.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\windows\system32\mispace.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Streaming.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\windows\system32\fvewiz.dll
2017-05-10 20:08 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\SpaceControl.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\PlayToReceiver.dll
2017-05-10 20:08 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\catsrvps.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Audio.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\windows\system32\wsp_sr.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\SensorsApi.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\windows\system32\ErrorDetails.dll
2017-05-10 20:08 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\CameraCaptureUI.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_nt.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\wpncore.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\windows\system32\EmailApis.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\windows\system32\enterprisecsps.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\windows\system32\MCRecvSrc.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\windows\system32\Windows.AccountsControl.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\GamePanel.exe
2017-05-10 20:08 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\windows\system32\PrintDialogs.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\windows\system32\DevicesFlowBroker.dll
2017-05-10 20:08 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Devices.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\windows\system32\Unistore.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\windows\system32\PlayToManager.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2017-05-10 20:08 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\windows\system32\Geolocation.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Midi.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\windows\system32\NgcCtnrSvc.dll
2017-05-10 20:08 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\windows\system32\smartscreen.exe
2017-05-10 20:08 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\usermgr.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2017-05-10 20:08 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\windows\system32\SharedStartModel.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\windows\system32\ngcsvc.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\windows\system32\RDXService.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-05-10 20:08 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\windows\system32\CryptoWinRT.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\windows\system32\NetworkMobileSettings.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\windows\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-05-10 20:08 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Speech.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2017-05-10 20:08 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.dll
2017-05-10 20:08 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\MbaeApiPublic.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Bluetooth.dll
2017-05-10 20:08 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.Sensors.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\windows\system32\TokenBroker.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2017-05-10 20:08 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.Http.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\windows\system32\LogonController.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ShareHost.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2017-05-10 20:08 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2017-05-10 20:08 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2017-05-10 20:08 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2017-05-10 20:08 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2017-05-10 20:08 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\windows\system32\LicenseManager.dll
2017-05-10 20:08 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2017-05-10 20:08 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\indexeddbserver.dll
2017-05-10 20:08 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\windows\system32\AppContracts.dll
2017-05-10 20:08 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Editing.dll
2017-05-10 20:08 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\OneBackupHandler.dll
2017-05-10 20:07 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
2017-05-10 20:07 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2017-05-10 20:07 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
2017-05-10 20:07 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fsdepends.sys
2017-05-10 20:07 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2017-05-10 20:07 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\windows\system32\input.dll
2017-05-10 20:07 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\windows\system32\securekernel.exe
2017-05-10 20:07 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\BthTelemetry.dll
2017-05-10 20:07 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-05-10 20:07 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 20:07 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\virtdisk.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\windows\system32\BluetoothApis.dll
2017-05-10 20:07 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\Windows.StateRepositoryBroker.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2017-05-10 20:07 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.AppDefaults.dll
2017-05-10 20:07 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\ConsentUX.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\dafBth.dll
2017-05-10 20:07 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\bthserv.dll
2017-05-10 20:07 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\vaultcli.dll
2017-05-10 20:07 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
2017-05-10 20:07 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\windows\system32\RecoveryDrive.exe
2017-05-10 20:07 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2017-05-10 20:07 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\adsnt.dll
2017-05-10 20:07 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll
2017-05-10 20:07 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2017-05-10 20:07 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
2017-05-10 20:07 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\resutils.dll
2017-05-10 20:07 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\windows\system32\SpaceAgent.exe
2017-05-10 20:07 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2017-05-10 20:07 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\windows\system32\AppReadiness.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2017-05-10 20:07 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
2017-05-10 20:07 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\CPFilters.dll
2017-05-10 20:07 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\windows\system32\bisrv.dll
2017-05-10 20:07 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2017-05-10 20:07 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\spaceman.exe
2017-05-10 20:07 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\windows\system32\ResetEngine.dll
2017-05-08 06:36 - 2017-05-08 06:36 - 00001213 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-05-06 09:06 - 2017-05-06 09:06 - 00380724 _____ C:\windows\Minidump\050617-7000-01.dmp
2017-04-30 22:56 - 2017-05-13 21:32 - 00001753 _____ C:\Users\Floh\Desktop\Neues Textdokument.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-28 20:37 - 2016-08-10 11:49 - 00000000 ____D C:\windows\system32\SleepStudy
2017-05-28 19:56 - 2016-08-10 16:29 - 01859918 _____ C:\windows\system32\perfh007.dat
2017-05-28 19:56 - 2016-08-10 16:29 - 00626176 _____ C:\windows\system32\perfc007.dat
2017-05-28 19:56 - 2016-08-10 11:57 - 04510752 _____ C:\windows\system32\PerfStringBackup.INI
2017-05-28 19:51 - 2017-01-23 19:13 - 00000000 ____D C:\Users\Public\Documents\phase6_18_Daten
2017-05-28 19:51 - 2016-12-30 15:10 - 00000000 ____D C:\Users\Floh\AppData\LocalLow\Mozilla
2017-05-28 19:51 - 2016-12-18 16:58 - 00000000 ____D C:\Users\Floh
2017-05-28 19:50 - 2016-08-12 13:27 - 00065536 _____ C:\windows\system32\spu_storage.bin
2017-05-28 19:50 - 2016-08-10 11:49 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-05-28 19:50 - 2016-07-16 08:04 - 00524288 _____ C:\windows\system32\config\BBI
2017-05-28 12:11 - 2016-12-30 20:26 - 00000000 ____D C:\Users\Floh\AppData\Local\Warframe
2017-05-28 09:49 - 2016-07-16 13:45 - 00000000 ____D C:\windows\INF
2017-05-28 08:07 - 2016-07-16 13:47 - 00000000 ____D C:\windows\AppReadiness
2017-05-27 11:07 - 2016-12-18 16:59 - 00000000 ____D C:\Users\Floh\AppData\Local\Packages
2017-05-27 11:06 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 08:02 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 08:01 - 2016-08-11 11:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-24 20:26 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\appraiser
2017-05-24 20:26 - 2016-07-16 13:36 - 00000000 ____D C:\windows\CbsTemp
2017-05-24 08:04 - 2016-08-11 14:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-23 20:13 - 2016-12-31 13:39 - 00000000 ____D C:\windows\system32\MRT
2017-05-23 20:12 - 2016-12-31 13:39 - 132223576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 17:13 - 2016-12-30 15:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-17 15:25 - 2017-03-06 18:26 - 00000000 ____D C:\ProgramData\AMD
2017-05-17 15:25 - 2017-03-01 09:15 - 00000000 ____D C:\Program Files\AMD
2017-05-17 15:25 - 2016-12-30 15:16 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-01-25 02:29 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-01-25 02:29 - 00777088 _____ (AMD) C:\windows\system32\atieclxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00551808 _____ (AMD) C:\windows\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00278400 _____ C:\windows\system32\clinfo.exe
2017-05-16 18:06 - 2017-01-25 02:29 - 00029048 _____ (Microsoft Corporation) C:\windows\SysWOW64\detoured.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00365440 _____ C:\windows\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00276352 _____ C:\windows\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2016-08-11 12:50 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2017-05-14 22:13 - 2017-01-22 14:50 - 858491974 _____ C:\windows\MEMORY.DMP
2017-05-14 22:13 - 2017-01-22 14:50 - 00000000 ____D C:\windows\Minidump
2017-05-13 18:24 - 2016-07-16 13:47 - 00000000 ____D C:\windows\rescache
2017-05-13 15:22 - 2017-01-03 13:20 - 00000000 ____D C:\Users\Floh\AppData\Local\Adobe
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-05-13 15:22 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\Macromed
2017-05-11 07:13 - 2016-08-10 11:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 07:07 - 2016-08-10 11:49 - 00358496 _____ C:\windows\system32\FNTCACHE.DAT
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\SysWOW64\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___SD C:\windows\system32\F12
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\windows\ImmersiveControlPanel
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\SystemResetPlatform
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\system32\oobe
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\ShellExperiences
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\Provisioning
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\windows\PolicyDefinitions
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 22:37 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 22:37 - 2016-07-16 08:04 - 00000000 ____D C:\windows\SysWOW64\Dism
2017-05-10 19:50 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2017-05-08 06:36 - 2016-12-30 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-05-08 06:35 - 2016-08-11 14:14 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-05 22:39 - 2016-12-30 17:10 - 00000000 ____D C:\Users\Floh\AppData\Roaming\Origin
2017-05-05 22:39 - 2016-12-30 17:06 - 00000000 ____D C:\ProgramData\Origin
2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-08-10 11:54 - 02717184 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-12-18 16:59 - 2017-05-28 19:51 - 16222185 _____ () C:\Users\Floh\AppData\Local\BTServer.log
2016-08-11 14:32 - 2016-08-11 14:32 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-28 12:24

==================== Ende von FRST.txt ============================

Rakdos · 28.05.2017, 19:52

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-05-2017
durchgeführt von Floh (28-05-2017 20:48:35)
Gestartet von C:\Users\Floh\Desktop
Windows 10 Home Version 1607 (X64) (2016-12-18 14:51:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-638367787-3787977131-1498176509-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-638367787-3787977131-1498176509-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-638367787-3787977131-1498176509-1000 - Limited - Disabled) => C:\Users\defaultuser0
Floh (S-1-5-21-638367787-3787977131-1498176509-1001 - Administrator - Enabled) => C:\Users\Floh
Gast (S-1-5-21-638367787-3787977131-1498176509-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Antichamber (HKLM\...\Steam App 219890) (Version:  - Alexander Bruce)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.26.48 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{897e4d08-9554-48e9-ba07-ce6040867fa3}) (Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.83.46341 - Avira Operations GmbH & Co. KG) Hidden
Battlefleet Gothic: Armada (HKLM\...\Steam App 363680) (Version:  - Tindalos Interactive)
Binary Domain (HKLM\...\Steam App 203750) (Version:  - Devil's Details)
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4118.0 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.5115 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.5115 - CyberLink Corp.) Hidden
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
FTL: Faster Than Light (HKLM\...\Steam App 212680) (Version:  - Subset Games)
Galactic Civilizations I: Ultimate Edition (HKLM\...\Steam App 214150) (Version:  - Stardock Entertainment)
Grey Goo (HKLM\...\Steam App 290790) (Version:  - Petroglyph)
Homeworld Remastered Collection (HKLM\...\Steam App 244160) (Version:  - Gearbox Software)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1159 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Life App Explorer (HKU\S-1-5-21-638367787-3787977131-1498176509-1000\...\Host App Service) (Version: 0.272.1.252 - SweetLabs)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
LISA (HKLM\...\Steam App 335670) (Version:  - Dingaling)
LUFTRAUSERS (HKLM\...\Steam App 233150) (Version:  - Vlambeer)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Metro 2033 (HKLM\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming)
NOT A HERO (HKLM\...\Steam App 274270) (Version:  - Roll7)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
phase6_18 (HKLM-x32\...\{20C3DEAF-801D-4C3E-9826-E62EE16DB7AB}) (Version: 1.80.0000 - phase6)
Prey (HKLM\...\Steam App 3970) (Version:  - Humanhead Studios)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.876.867.092115 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B63CCD1C-A133-4DF8-8306-DA0387231152}) (Version: 1.00.0282 - REALTEK Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version:  - The SKSE Team)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sunless Sea (HKLM\...\Steam App 304650) (Version:  - Failbetter Games)
SUPERHOT (HKLM\...\Steam App 322500) (Version:  - SUPERHOT Team)
SupportAPP (HKLM\...\{0000A0AB-3A12-1EF4-A21C-9ADE1843AB04}) (Version: 1.1 - )
The Binding of Isaac (HKLM\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Valkyria Chronicles™ (HKLM\...\Steam App 294860) (Version:  - SEGA)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
Warhammer 40,000 Space Marine (HKLM\...\Steam App 55150) (Version:  - Relic)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM\...\Steam App 20570) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM\...\Steam App 56400) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM\...\Steam App 15620) (Version:  - Relic Entertainment)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {08665561-B73E-4DDE-B9E0-23B2F0F15EC6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {44454128-0EF9-421B-B0C2-F72969E18B9F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {629FC0E5-C039-4AFB-81A9-F344EE3FFF15} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {B0E03B1B-FD11-490D-BD08-D239308BD306} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {BD566748-CA6B-483B-8564-70DC1ADCDAA8} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2016-01-08] (CyberLink Corp.)
Task: {BFBAD1DB-C5BA-4395-986E-275496DD9464} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {CF79F64E-8521-4785-844E-5FE4DEB30284} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {FE4C5C63-5759-49BD-B58D-488E475FE7D9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {FF2A155C-9513-47AE-9058-21F37DF00BAB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\windows\SYSTEM32\ism32k.dll
2017-05-10 20:08 - 2017-04-28 02:49 - 02681200 _____ () C:\windows\system32\CoreUIComponents.dll
2016-08-11 15:25 - 2015-07-20 21:19 - 00121560 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-08-11 15:55 - 2014-04-14 20:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-08-11 15:21 - 2014-12-12 19:24 - 00044760 _____ () C:\Windows\runSW.exe
2017-05-28 08:07 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-12-31 13:36 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:59 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:00 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:00 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 20:08 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 20:08 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-11 15:25 - 2014-07-03 11:22 - 00277720 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\SkypePlugin.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-26 07:58 - 2017-05-26 07:58 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-26 07:58 - 2017-05-26 07:58 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-26 07:58 - 2017-05-26 07:58 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-05 08:00 - 2017-05-05 08:01 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-12-30 19:40 - 2016-12-30 19:40 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 08:00 - 2017-05-05 08:01 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-05-05 18:54 - 2017-05-05 18:54 - 02493440 _____ () D:\Origin\libGLESv2.dll
2017-03-23 14:32 - 2017-03-10 02:13 - 00674592 _____ () D:\Steam\SDL2.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 04969248 _____ () D:\Steam\v8.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 02465056 _____ () D:\Steam\video.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-12-30 16:50 - 2016-01-27 09:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01563936 _____ () D:\Steam\icui18n.dll
2016-12-30 16:50 - 2016-09-01 03:02 - 01195296 _____ () D:\Steam\icuuc.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL
2016-12-30 16:50 - 2016-07-05 00:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-08-11 15:54 - 2014-12-08 09:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-12-08 17:28 - 2014-12-08 17:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2017-03-10 08:29 - 2017-01-30 23:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
2017-04-27 13:05 - 2017-04-26 01:55 - 00383776 _____ () D:\Steam\steam.dll
2016-12-30 16:50 - 2015-09-25 01:52 - 00119208 _____ () D:\Steam\winh264.dll
2015-07-22 02:18 - 2015-07-22 02:18 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-05-05 18:54 - 2017-05-05 18:54 - 00012288 _____ () D:\Origin\libEGL.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-638367787-3787977131-1498176509-1001\...\sharepoint.com -> hxxps://kettelerkolleg-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-638367787-3787977131-1498176509-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-638367787-3787977131-1498176509-1001\Control Panel\Desktop\\Wallpaper -> I:\General\Scenery\All+right+i+ll+give+you+this+instead+_40f57feac904ddf8eff0fa6b078fda87.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9EC93779-6D43-4ED7-A1D6-848A6D876D1E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{90A222DB-3083-4110-BA58-0F782AC4678F}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{00DE5B64-48AF-491D-841F-9B7EA716F71C}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{D2127402-3B54-47AC-B955-6BC54F479BAF}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{599E4730-E7B7-465E-B02C-0F7946694FCF}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{877ED357-D114-4DD4-A31B-0A707F616417}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{9C02783F-D7E8-44F5-B8B8-D2B8DF4AC97D}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{73A174DA-3C16-44B0-BBFB-9655E71EEFDB}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{46A92990-18BC-4DA3-A5B0-3F28BC7B0DC5}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{28386161-1E21-4CC3-A4AA-104F5B2F3AC8}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{DA8FC09F-F22C-4D3A-9858-855D6F3495DC}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{916ABEAB-41D0-4ED6-BBE6-9DD8C6AABF84}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C400333B-AF38-4F68-B4D1-1385F7ACF799}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4BFFD558-4995-4384-BEA1-C0D33139B678}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DA88DA92-20D2-4B73-A313-9B65EC199939}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{057DBD49-66AE-46D6-94C8-6FEABC05F43D}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/28/2017 08:46:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 08:46:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 08:46:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (05/28/2017 08:46:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (05/28/2017 08:46:02 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/28/2017 08:46:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (05/28/2017 07:59:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_CacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 07:59:08 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\cyberlink\photodirector6\kernel\ces\CES_AudioCacheAgent.exe.Manifest".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/28/2017 07:58:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Error: (05/28/2017 07:58:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (05/28/2017 08:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/28/2017 08:01:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Floh\AppData\Local\Temp\ehdrv.sys

Error: (05/28/2017 08:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/28/2017 08:01:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Floh\AppData\Local\Temp\ehdrv.sys

Error: (05/28/2017 08:01:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/28/2017 08:01:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Floh\AppData\Local\Temp\ehdrv.sys

Error: (05/28/2017 07:58:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/28/2017 07:58:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Floh\AppData\Local\Temp\ehdrv.sys

Error: (05/28/2017 07:58:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/28/2017 07:58:44 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Floh\AppData\Local\Temp\ehdrv.sys


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6402P CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8146.64 MB
Verfügbarer physikalischer RAM: 4948.79 MB
Summe virtueller Speicher: 9426.64 MB
Verfügbarer virtueller Speicher: 5313.41 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.64 GB) (Free:80.67 GB) NTFS
Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:665.87 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60 GB) (Free:42.47 GB) NTFS
Drive g: (PHASE_6_18) (CDROM) (Total:0.18 GB) (Free:0 GB) CDFS
Drive i: (BILDER) (Removable) (Total:28.89 GB) (Free:5.66 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8ABE4A17)

Partition: GPT.

========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 8ABE4A28)

Partition: GPT.

========================================================
Disk: 2 (Size: 28.9 GB) (Disk ID: 1A4C74CE)
Partition 1: (Active) - (Size=28.9 GB) - (Type=0B)

==================== Ende von Addition.txt ============================

Antwort zur Frage:
Soweit ich erkennen kann, gibt es keine weiteren Probleme mit Pop-ups oder sonstigen Erscheinungen. Ich werde allerdings PunkBuster und das dazugehörige Battlefield entfernen, da es als Malware identifiziert wurde.

M-K-D-B · 29.05.2017, 15:15

Servus,

Gib in das Cortana-Suchfeld (Textfeld links unten in der Taskleiste) "Aufgabenplanung" ein und drücke Enter.
Wähle links Aufgabenplanugsbibliothek > Microsoft > Office aus.
Wähle den Task OfficeBackgroundTaskHandlerRegistration aus und klicke rechts auf Deaktivieren.
Schließe die Aufgabenplanung wieder.

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), ansonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor "Verschlüsselungstrojanern" zu schützen.

Du solltest dich für eines der folgenden Programmen entscheiden und damit regelmäßig deine Daten sichern.

Optioin 1 - Drivesnapshot
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Screenshots:
http://www.drivesnapshot.de/images/startup.png
http://www.drivesnapshot.de/images/save3.png

Option 2 - Seagate DiscWizard
Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3 - Acronis TrueImage WD Edition
Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg

M-K-D-B · 01.06.2017, 19:17

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine Profilnachricht inklusive Link zum Thema.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.