| |
| |||||||
Log-Analyse und Auswertung: Kontrolle meiner Logs plsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
27.05.2017, 23:52
| #1 |
| |  Kontrolle meiner Logs pls Moin, ich wollte mich jetzt mal an euch wenden mir kommt mein System bissel komisch vor. Es waren paar Viren/Trojaner oder ähnliche Sachen drauf. Habe aber leider keine Logs mehr. Genutzt hab ich folgende Programme: Adwcleaner Eset hitmanpro Junkware Removal Tool Malwarebytes 3 sc cleaner also anzeigen tun mir die Programme nix mehr. Wollte trotzdem mal die Logs von FRST hochladen das vieleicht jemand drüber schauen könnte.  FRST Teil 1 Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
Ran by wuens (administrator) on DESKTOP-8PV836F (28-05-2017 00:39:56)
Running from C:\Users\wuens\Desktop
Loaded Profiles: wuens (Available Profiles: wuens)
Platform: Windows 10 Pro Version 1703 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Windows\KMS-R@1n.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Azureus Software, Inc) C:\Program Files\Vuze\Azureus.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Giulio Sosio) C:\Users\wuens\Desktop\XonarSwitch.exe
(Twitch Interactive, Inc.) C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Twitch.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Twitch Interactive, Inc.) C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Twitch Interactive, Inc.) C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
(Twitch Interactive, Inc.) C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\TwitchUI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Blizzard Entertainment) D:\Program Files (x86)\Warcraft III\war3.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_25_0_0_171.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [555832 2014-03-05] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1967328 2017-04-26] ()
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-12-16] (Glarysoft Ltd)
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Run: [Spotify] => C:\Users\wuens\AppData\Roaming\Spotify\Spotify.exe [7067760 2017-02-17] (Spotify Ltd)
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Run: [Azureus] => C:\Program Files\Vuze\Azureus.exe [444552 2017-03-01] (Azureus Software, Inc)
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Run: [XonarSwitch] => C:\Users\wuens\Desktop\XonarSwitch.ex
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\MountPoints2: {9124a403-c7a4-11e6-b040-ac220bc16b43} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Startup: C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-05-17]
ShortcutTarget: Twitch.lnk -> C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Twitch.exe (Twitch Interactive, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4b06580c-4825-4f12-b3de-0e21df74d765}: [DhcpNameServer] 192.168.178.1
ManualProxies:
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-28] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-28] (Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: ozzprux4.default
FF ProfilePath: C:\Users\wuens\AppData\Roaming\Mozilla\Firefox\Profiles\ozzprux4.default [2017-05-28]
FF Homepage: Mozilla\Firefox\Profiles\ozzprux4.default -> google.de
FF Extension: (Adblock Plus) - C:\Users\wuens\AppData\Roaming\Mozilla\Firefox\Profiles\ozzprux4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-05-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-11] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-14] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [File not signed]
S3 debugregsvc; C:\WINDOWS\System32\debugregsvc.dll [74752 2017-03-17] (Microsoft Corporation)
S3 DeveloperToolsService; C:\WINDOWS\System32\DeveloperToolsSvc.exe [103936 2017-03-17] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [383016 2017-05-24] (EasyAntiCheat Ltd)
U2 HiPatchService; d:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-04-17] (Hi-Rez Studios) [File not signed]
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2016-12-21] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-02-06] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-02-06] (Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [401024 2017-05-02] (Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [178312 2017-05-02] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-19] (Microsoft Corporation)
S3 SshBroker; C:\WINDOWS\System32\SshBroker.dll [373760 2017-03-17] (Microsoft Corporation)
S3 SshProxy; C:\WINDOWS\System32\SshProxy.dll [266240 2017-03-17] (Microsoft Corporation)
S2 terana; C:\Users\wuens\AppData\Local\terana\terana.dll [908288 2017-05-27] (IntertSect Alliance Pty Ltd) [File not signed] <==== ATTENTION
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S4 WebManagement; C:\WINDOWS\system32\WebManagement.exe [1034240 2017-03-17] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [472800 2017-03-21] (Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-14] ()
R3 cmudaxp; C:\WINDOWS\system32\drivers\cmudaxp.sys [2818168 2016-06-22] (C-Media Inc)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-12-21] (Glarysoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-21] (REALiX(tm))
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-11] (ASUSTeK Computer Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a2b0acab06663645\nvlddmkm.sys [14456944 2017-05-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-05-02] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-03-21] (Realtek )
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [52240 2016-10-30] (Razer Inc)
R3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48144 2016-10-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-28 00:39 - 2017-05-28 00:40 - 00017371 _____ C:\Users\wuens\Desktop\FRST.txt
2017-05-28 00:39 - 2017-05-28 00:39 - 02429952 _____ (Farbar) C:\Users\wuens\Desktop\FRST64.exe
2017-05-28 00:39 - 2017-05-28 00:39 - 00000000 ____D C:\FRST
2017-05-28 00:14 - 2017-05-28 00:14 - 00000000 ____D C:\Program Files\HitmanPro
2017-05-28 00:12 - 2017-05-28 00:12 - 00000224 _____ C:\WINDOWS\system32\.crusader
2017-05-27 23:52 - 2017-05-27 23:52 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-27 20:12 - 2017-05-28 00:13 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-27 20:12 - 2017-05-28 00:13 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-27 20:12 - 2017-05-28 00:13 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-27 20:12 - 2017-05-28 00:13 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-27 20:12 - 2017-05-27 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-27 20:12 - 2017-05-27 20:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-27 20:12 - 2017-05-27 20:12 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-27 20:12 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-27 20:04 - 2017-05-27 23:51 - 00000000 ____D C:\AdwCleaner
2017-05-27 18:06 - 2017-05-27 18:08 - 00250866 _____ C:\WINDOWS\ntbtlog.txt
2017-05-27 14:04 - 2017-05-27 14:04 - 00659500 _____ C:\WINDOWS\Minidump\052717-10546-01.dmp
2017-05-27 14:02 - 2017-05-27 14:02 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-05-27 14:02 - 2017-05-27 14:02 - 00000000 ____D C:\Users\wuens\AppData\Local\terana
2017-05-27 14:02 - 2017-05-27 14:02 - 00000000 ____D C:\Program Files (x86)\BJBMD
2017-05-27 14:02 - 2017-05-27 14:02 - 00000000 ____D C:\Program Files (x86)\{6CA0BF23-8E52-4D8D-A2A7-266CA0ABA229}
2017-05-26 19:09 - 2017-05-26 19:09 - 00034330 _____ C:\Users\wuens\Desktop\[Sound-Park.ru] Falco - Discography -.torrent
2017-05-26 19:08 - 2017-05-26 19:08 - 00037284 _____ C:\Users\wuens\Desktop\[Sound-Park.ru] Evanescence - Ð Ð Ñ Ð Ð Ð Ñ Ð Ñ Ð Ñ -.torrent
2017-05-24 07:35 - 2017-05-24 07:35 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-23 13:22 - 2017-05-26 19:16 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Mp3tag
2017-05-22 23:48 - 2017-05-22 23:51 - 00000000 ____D C:\ProgramData\HitmanPro
2017-05-22 16:55 - 2017-05-22 16:55 - 00000000 ____D C:\ProgramData\AVS4YOU
2017-05-22 16:54 - 2017-05-22 16:54 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-05-22 16:54 - 2017-05-22 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-05-22 16:54 - 2017-05-22 16:54 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2017-05-21 12:06 - 2017-05-21 12:30 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Tunngle
2017-05-21 12:06 - 2017-05-21 12:30 - 00000000 ____D C:\Program Files (x86)\Tunngle
2017-05-21 12:06 - 2016-04-26 15:10 - 00048824 _____ (Tunngle.net GmbH) C:\WINDOWS\system32\Drivers\tap0901t.sys
2017-05-21 11:14 - 2017-05-21 11:14 - 00000000 ____D C:\Users\wuens\AppData\Roaming\GarenaPlus
2017-05-21 11:13 - 2017-05-21 11:14 - 00000000 ____D C:\ProgramData\GarenaMessenger
2017-05-18 22:50 - 2017-05-23 07:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-18 19:21 - 2017-05-22 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-18 19:21 - 2017-05-18 19:21 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Mozilla
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\zwjvhcytwbc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\xibfo.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\uivgphjr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\tzhdw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\togl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\tnlcyha
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zzmbkjttcv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zyowns
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zyadeizbstq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zxykwvw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zxntsmpkns
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zxlhpcxet
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zvybg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zvxxfsps
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zvxuplfqaiv.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zufsomdnqb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zprns
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zph
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\znubd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zmulmsalvp.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zmpm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zlvlgaoro.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zkvadtmlfi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zkgl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zhbezzk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zgtn.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zgdzvuq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zfxbo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zerryde
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zdo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zbu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\zayfbnltwb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yzvlitevcp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yztg.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ywjmsytb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ywcotf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yueiza
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yrvdebxgrzt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yruogei.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yqwnxmuqkr.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yqjwaqwjrgn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ypwgam
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ypn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ypb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ynbpico.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yjbyky
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yifbtom
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yhvfljhx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yft.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yfguqg.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yfddtyco.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yeubbz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yeqc.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ybnso
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ybcwdcj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yajdu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\yacxpunyz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xxfxt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xwolbkcl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xwfjdkdtixu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xuyoohmb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xsdi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xrjnqaxgslz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xrjmwls.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xratz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xogeiasqdx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xnrwoffi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xnaaiqyn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xlaoaq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xkiazoygsu.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xivldzk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xitroqxj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xhxj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xhliavnncf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xhjvdk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xhi.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xhepiahgu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xfor.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xei.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xdu.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xdnu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xbwudob.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xbeumyws.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\xabxrnwognq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wztapis.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wvpmojcpagc.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wvmaql.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wuienx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wtkvqxla.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wriuwbh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wrfmrz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wqnbogohpa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wpushbesv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wpa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wooq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wnzrlwgymia
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wnwpuad
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wnwis
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wmsxmgb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wmcwjfwebcg.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wmcbsqz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wmaeoulj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wltgfaapaxg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wlagsxpfnjc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wkaig
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wjjkwjxof.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wjd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wio
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\winwis
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wgjy
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wgfzxqxc.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wgekhz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wchut
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\wbyqcoru
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vylysjgigsp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vydky
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vxamvnvecd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vwx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vwvpxtf.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vuzy.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vutlo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vtccpjjxhbl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vrt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vrb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vqzkhuu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vpymgh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vlzenqzgwi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vlv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vltbvctcek
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vlhw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vky.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vhuya
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vhgdwwy.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vgkauki
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vexcv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vekhfmquvd.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vedcfvtun
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\vcwbqe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uykjvcews
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uvhkeoo.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uuknvmo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\usbsjhq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\urupvqobgah
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\urfoeuqrrvx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\upwhfcfpq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\upqsk.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\umckcky
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\umblkiu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ukqsipcp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ujurc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ujupkolaxz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ujmb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ujemlvpjgb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uilhoi.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uhgxcxne.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ugh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\udixx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ubomomrwsdk.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\uaqqwmjt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\txkpazbbtc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tvumtdvg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tviuuwtwvs
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tubh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tttpgilubhz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\trpcwzo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\trjhziwhqax
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tqkrkktdw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tplabizkfi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tparier
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tmksiwyo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tmiduq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tmhmpisgrjb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tjerrruiu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tixbprzs.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tgysztaa.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tgp.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\teatwcjgoq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\tcu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\szanch.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sxngztzr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\swucw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\swrosmstc.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\swmx.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\svh.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\surl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\strlohjio
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sthnpbr.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\srt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\srceeuuzog
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sqrvkkbktxz.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sntlrnm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\slvwlpnaqo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\slfzi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\skjqlknoa.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\skcx.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sjzadmi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sjfso
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sghtkpu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sfxzlgg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sfsz.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sbm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\sao
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rzyxt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rzuc.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rybqxma
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rxlxmq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rwwmb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rwumiig
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rvitifkhda.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ruwy.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rumiqlhw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rtssxvscl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rtsquze.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rrbddpfknf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rquw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rpz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rnixg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rnaxcorvnpm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rmkgnn.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rlxrf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rkdkyehqiv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rjzxhrd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rilkwzwyil.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\riffaw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rifbww.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rhw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rhrrf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rfmfahwb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rfbddh.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rex.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rckntimj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rbw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rbou.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\rbc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qzegqoobxiy.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qxbus.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qwdspx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qvt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\quqsl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qttwzyei.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qswzofzltsi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qsopsnklrnj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qrpcq.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qqqt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qqqewpfdl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qqmnchoguw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qpghwlpi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qogqdj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qnretzig.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qncintxhpbv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qmlr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qldlx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qjhrojfdm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qhyfrlwcpck
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qheefqe.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qebywplco
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qcyfwezkrw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qcw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qbvhrrhf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qbt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qbqeurlah
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qbdvroefxtf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\qayekwvmsh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pwlwjlqf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pwalonerzam
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pwa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pvsbacopgo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\puxozpwjj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ptuhkoey
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ptfcgaof.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ptcwmepfq.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\psxulyb.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\psuezqksw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pqognjycvt.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pqjjgvrcrr.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ppmurgqnqi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pplmagu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pjtdqi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pjjipw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\phcioojd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pgsh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pgmxllhrgl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pffkxpns
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pepxq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pefaimbebk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pedcjlq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pdqrcouep
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pctk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pcpmvigyknw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pcnbisr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pclkwlz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pbzcnzjjax
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\pathdekgnl.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oylo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oybbndhpat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oxxpcqneqfk.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oxsta
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ousspnt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ourtunrnnc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\otvbczqzr.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\otorwgb.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\otngpkqlgc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oqljnan
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oqipw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\opnaypiuh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\opn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oofzxmm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oofsbkfk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oocihv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ooaomuyhvz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\onuhfaqdr.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\omgkwcqmzh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\olwz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\olvkvxg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\olhitsu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\olhdsirhbjm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\olcfhmx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\okbzdweogsf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ojlw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\oicryjbsxhd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ohfmfxmgnvd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ogn.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ogknbwh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\odpeuveeirg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\odklrkid
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\odieozehykz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ocduhsoaeky.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\obfbsckxiuv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nysjggwyrz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nybrohbe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nvolurg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nvdkhnrqwn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ntpp.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nreadmitf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nqxtrw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\npx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\npuailglpt.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\noyqt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nnzey
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\nlzvfpgxhuw.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\netcd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ndpxrjvfik.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\narceunvfsr.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mzquaye
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mxdvmytw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mwzhlh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mwuwz.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mvxgdkyrjxt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mvhxlyyr.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mvfhxic
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\msbwl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mrprxeehpe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mpvauzxwdz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mpuqpwyjjoe.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mpr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mlfml.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mkyszmt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\minowwpnhw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mimsxzkfsba
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mhymnl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mhefcltipun.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mftkul
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mfpfkyzrxe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mflohpswrxl.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mcrrrdylbyb.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mbufohzbd.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mbpbf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\mbcuyqp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\maynwlp.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lzjqvgauzfs
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lxjydaq.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lwohwwxa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lwcnbd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lvzw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lvjfqnrfy.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ltm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ltcbbxm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lrwldsbcq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lrotxpqhol
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lqya.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lqpksm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lptdlhqltgj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lnuzijew
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lnm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lmti
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lmkwvtfa.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lljl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lklnirnii
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\litvwn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\liif.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lhlcj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lffhqjpt.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lfdwrke
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lex.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lervczxc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lepkgvz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ldypa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ldna.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\lbial
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kza
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kykkyyjuomq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kxfziwiehxe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ktkvvqws.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kppamcnflm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kokjkgnayl.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\knkpjcuzkb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\knk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kmgbr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kkxlvn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kkrk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kjvzwobzke.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kjvgkvsar
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kjj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\khzpcmbe
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kgqeevfnt.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kfzlj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kfkegdfzsmf.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kffzqte
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kdi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kcd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kblu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kagoeryt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\kaddzumq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jxvemnjznu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jxqxva.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jvpytddxshm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jvanbm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\junn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jtdznq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jsslx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jsgzsb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jscxtijpp.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jresfclof
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jmpx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jkne
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jhvyfmljeob
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jfuwpyqkkiu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jfilvhux
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jes
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jeoc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jecbuzopv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jdlshte
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jclas
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\jazdltqdat.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iyao
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ixrmyzmuf.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ivz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iuzsgndntd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\itshnv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ithugwck.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\isnvgwxvzx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ipldozicq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ipdnxhip
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iooy
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iobspad
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\imisiwl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ilppyukvb.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ikvd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ikugogpknz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ikitzfwrlzd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ihxkhtew
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\igy
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\igwyc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ifwyys
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ifvbafbi.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ifhfyantlzc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ifh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iecx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\idzfxu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iduxw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ict.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ibqvywo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\iarssnndg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hzooveshuhi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hznd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hxpuo.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hxokmtz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hwsfdvw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hvbzrysf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hulemjbpzih.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\huiqk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\htzs.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\htubwk.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\htmhmor
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hsxps
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hrqwp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hrfumedgw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hqwxnfwmq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hqofa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hoboh.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hmzimwaq.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hiushfclfla.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\higwf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hhxjfatux.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hgu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hgdxppghmnp.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hfbtzuzg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hfaptb.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hbqnkzjqm.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\hbduxvmv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gzswrdxw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gxveh.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gxiglgpq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gwyphivwam
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gwegf.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gwcogj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gvsgjc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gtkrjpla
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gsztiwpu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gswxesatox.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gswssvrjl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gqr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gksspjwk.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gjrxn.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gityrsbrb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\giemuzl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ghgeryzg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ghdvcccqxcv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ggjxmqh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gfgr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gecrm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gdsbvd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gck
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gcgii.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gbx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\gazeenlg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ganwg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fzzu.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fyvyvw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fxwpiwys
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fxhn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fsopbrrnag
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fsjfcnvfjr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\frznpwqgbxt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fqat.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fonbotjzdzr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fnyj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fnxe.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fnwncbqssp.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fmlgoxxnn.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fkuuzbgv.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fjpkjgod
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fhsongrcc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fhg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fhagevihj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\fcibhhrxsu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ezafudvoiyt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\evpk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eswjlbv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\erauoi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eqartqwjeg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\epvvbcvej
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\epuzw.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eng
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eiwxqfsa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ehe.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\egskehx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\egeegu
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\efwxeovrva
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eesejbzog.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eebifxejokv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\edsljcdivuy.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\edovnmlhmu.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ecqooiby
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ebwmf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ebeblkboibi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\eafryqglx
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dzna
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dxrnzku.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dtxfol
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dqeavzgp.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dqajfj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dpfrqyaznoo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dows
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dogequdlcho
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dmuuqmc.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dmtlsnues.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dkfd.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\djzobvavx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dizbniz.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dgppwo.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dgckkqqq.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dfswulgomz.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dfol.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dfdenbmhi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\detwvkklv.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\defhdp.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\dbsbm
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\daltzc
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\daflhn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cxoab
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cwr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ctxnogspj.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ctsn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cqbt.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cprceg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cntaml.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cjsvjsn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cixpn
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\civwzqm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cheng.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cguaohd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cfclssx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cdntf.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cbqynozbpo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cbgvboorrjj.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\cakqt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bzyz.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bzkhikmncyf
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\byoqvakieh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bycuny
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bxqecmpfn.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bulcyfilrrd.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bsxkwl.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bsmobir.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bpajjydv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bmpedqmgmxo
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\blxcchdo.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bloulzqvnrd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bfsdlrscmiv
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\betjex.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\bacdzugy
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\azuxhafgo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\azepwokxctz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ayyyufnvi.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\axxvniyw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\auqopa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\auemdu.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aso.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\arsimaqa
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\arembuqqlhl.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aqluxxpvzxz
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\apluecjxljh.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aotnjwxb.xml
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\alswcpnkwg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\alpzadzk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\akophcvl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\akjgqsepny.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ajnzyssdz.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ajfm.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aihwg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\ahlkupje
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\agd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\afocvlmwd
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aesvs.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\adpgegoatcl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aclcvmx.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\abqj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\SysWOW64\aaydghedumh
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\rnni.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\refyhravcw.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\qgqkumwr.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\pxluctu.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\pnaphwmzlgp
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\oaap
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\nhs
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\lzuovdq
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\lyi
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\lqrbl
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\kragnbr.dat
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\jnpltjziixr
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\iurduaasebj
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\hihw
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\grgqrvb
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\fas.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\err.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\ejxebk
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\eewo.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\ecisfvuhpa.ini
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\dwbwxg
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\dehidfjtpt
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\cpznhdhikek
2017-05-18 16:22 - 2017-05-18 16:22 - 00000032 _____ C:\WINDOWS\baxqskha.dat
2017-05-18 16:10 - 2017-05-18 16:10 - 00000000 ____D C:\Users\wuens\AppData\Local\Mos_Eisley_Main_A
2017-05-18 11:46 - 2017-05-18 11:46 - 00000000 ____D C:\ProgramData\USOShared
2017-05-18 11:46 - 2017-05-18 11:46 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-18 11:29 - 2017-05-28 00:13 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-18 08:48 - 2017-05-18 08:48 - 00000000 ____D C:\Users\wuens\AppData\Local\ElevatedDiagnostics
2017-05-18 08:09 - 2017-05-18 08:09 - 00000000 ____D C:\Users\wuens\AppData\Local\KADOKAWA
2017-05-17 19:30 - 2017-05-17 19:30 - 01207319 _____ C:\WINDOWS\unins000.exe
2017-05-17 18:44 - 2017-05-22 15:26 - 00000000 ____D C:\Users\wuens\Documents\Wondershare Video Converter Ultimate
2017-05-17 18:37 - 2017-05-22 16:55 - 00000000 ____D C:\Users\wuens\AppData\Roaming\AVS4YOU
2017-05-17 18:37 - 2010-05-11 13:17 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2017-05-17 18:19 - 2017-05-23 17:57 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2017-05-17 18:19 - 2017-05-17 18:19 - 00000000 ____D C:\Users\wuens\Documents\Wondershare MediaServer
2017-05-17 18:19 - 2017-05-17 18:19 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Wondershare Video Converter Ultimate
2017-05-17 18:19 - 2017-05-17 18:19 - 00000000 ____D C:\ProgramData\Wondershare
2017-05-17 18:19 - 2017-05-17 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-05-17 18:19 - 2017-05-17 18:19 - 00000000 ____D C:\Program Files (x86)\Wondershare
2017-05-17 18:19 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2017-05-17 18:19 - 2015-02-27 14:38 - 00214528 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2017-05-17 18:19 - 2015-02-27 10:35 - 00000232 _____ C:\WINDOWS\SysWOW64\dllhost.exe.config
2017-05-17 18:15 - 2017-05-27 18:25 - 00000008 __RSH C:\Users\wuens\ntuser.pol
2017-05-17 18:07 - 2017-05-27 19:03 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2BFF24BE-1DE2-471E-87B5-2639B8A9DA3B}
2017-05-17 18:02 - 2017-05-17 18:02 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-05-17 18:02 - 2017-05-17 18:02 - 00000000 ____D C:\Users\wuens\AppData\Local\CrashRpt
2017-05-17 18:01 - 2016-05-05 13:23 - 00556216 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avutil-lav-55.dll
2017-05-17 18:01 - 2016-05-05 13:23 - 00537784 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\swscale-lav-4.dll
2017-05-17 18:01 - 2016-05-05 13:23 - 00405176 __RSH (Intel Corp.) C:\WINDOWS\SysWOW64\IntelQuickSyncDecoder.dll
2017-05-17 18:01 - 2016-05-05 13:23 - 00276152 __RSH C:\WINDOWS\SysWOW64\libbluray.dll
2017-05-17 18:01 - 2016-05-05 13:23 - 00000493 __RSH C:\WINDOWS\SysWOW64\LAVFilters.Dependencies.manifest
2017-05-17 18:01 - 2016-05-05 13:22 - 10766520 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avcodec-lav-57.dll
2017-05-17 18:01 - 2016-05-05 13:22 - 01699000 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avformat-lav-57.dll
2017-05-17 18:01 - 2016-05-05 13:22 - 00188088 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avfilter-lav-6.dll
2017-05-17 18:01 - 2016-05-05 13:22 - 00160440 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avresample-lav-3.dll
2017-05-17 18:01 - 2004-10-10 09:50 - 00278528 _____ (Real Networks, Inc) C:\WINDOWS\SysWOW64\pncrt.dll
2017-05-17 18:01 - 2004-07-02 17:33 - 00327749 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\drvc.dll
2017-05-17 18:01 - 2004-04-05 10:31 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2017-05-17 18:01 - 2004-04-05 10:31 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2017-05-17 17:38 - 2017-05-17 18:18 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Anvsoft
2017-05-16 13:27 - 2017-05-16 13:29 - 00000000 ____D C:\Users\wuens\Desktop\Bewerbung usw
2017-05-15 18:36 - 2017-05-15 18:36 - 00051627 _____ C:\WINDOWS\uninstaller.dat
2017-05-10 08:52 - 2017-05-10 08:52 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-10 08:52 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-10 08:52 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-10 08:52 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-10 08:52 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-10 08:51 - 2017-05-02 00:38 - 40201848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 35388864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 35281528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 28623480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 11056456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 11024384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 10547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 09245744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 09014792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 08805232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 03792320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 03247736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 01278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 01276128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 01054144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00995736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00993872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00991168 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00960960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00911992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00821184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00776048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00688968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00651200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00612088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00577728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-10 08:51 - 2017-05-02 00:38 - 00499320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-10 08:37 - 2017-05-02 00:38 - 01988032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-10 08:37 - 2017-05-02 00:38 - 01589696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-10 08:36 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 08:36 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 08:36 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 08:36 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 08:36 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 08:36 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 08:36 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 08:36 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 08:36 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 08:36 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 08:36 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 08:36 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 08:36 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 08:36 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 08:36 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 08:36 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 08:36 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 08:36 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 08:36 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 08:36 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-10 08:36 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 08:36 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-10 08:36 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 08:36 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-10 08:36 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 08:36 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 08:36 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 08:36 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-10 08:36 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 08:36 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 08:36 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 08:36 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 08:36 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 08:36 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 08:36 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 08:36 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 08:36 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 08:36 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 08:36 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 08:36 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 08:36 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-10 08:36 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 08:36 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 08:36 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 08:36 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 08:36 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 08:36 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 08:36 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 08:36 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 08:36 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 08:36 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 08:36 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 08:36 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 08:36 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 08:36 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 08:36 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-10 08:36 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-10 08:36 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 08:36 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 08:36 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 08:36 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 08:36 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-10 08:36 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 08:36 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-10 08:36 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 08:36 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 08:36 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 08:36 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 08:36 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 08:36 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 08:36 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-10 08:36 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 08:36 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-10 08:36 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 08:36 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-10 08:36 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-10 08:36 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 08:36 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 08:36 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-10 08:36 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 08:36 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 08:36 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 08:36 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 08:36 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 08:36 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 08:36 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 08:36 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 08:36 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 08:36 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 08:36 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-10 08:36 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 08:36 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 08:36 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-10 08:36 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 08:36 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 08:36 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 08:36 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 08:36 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 08:36 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 08:36 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 08:36 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 08:36 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 08:36 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 08:36 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 08:36 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-10 08:36 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 08:36 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-10 08:36 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 08:36 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 08:36 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-10 08:36 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 08:36 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 08:36 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-10 08:36 - 2017-04-19 09:07 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-10 08:36 - 2017-04-19 09:06 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 08:36 - 2017-04-19 09:04 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-10 08:36 - 2017-04-19 09:02 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-10 08:36 - 2017-04-19 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-10 08:36 - 2017-04-19 08:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-10 08:36 - 2017-04-19 08:16 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-10 08:36 - 2017-04-19 08:15 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-10 08:36 - 2017-04-19 08:14 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-10 08:36 - 2017-04-19 08:13 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-10 08:36 - 2017-04-19 08:13 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 08:36 - 2017-04-19 08:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 08:36 - 2017-04-19 08:12 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 08:36 - 2017-04-19 08:12 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-10 08:36 - 2017-04-19 08:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 08:36 - 2017-04-19 08:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 08:36 - 2017-04-19 08:10 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-10 08:36 - 2017-04-19 08:10 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-10 08:36 - 2017-04-19 08:10 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-10 08:36 - 2017-04-19 08:08 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-10 08:36 - 2017-04-19 08:08 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 08:36 - 2017-04-19 08:07 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 08:36 - 2017-04-19 08:07 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 08:36 - 2017-04-19 08:06 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 08:36 - 2017-04-19 08:04 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 08:36 - 2017-04-19 08:04 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 08:36 - 2017-04-19 08:02 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 08:36 - 2017-04-19 08:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 08:36 - 2017-04-19 07:59 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 08:36 - 2017-04-19 07:59 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-10 08:36 - 2017-04-19 07:58 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 08:36 - 2017-04-19 07:37 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-10 08:36 - 2017-04-19 07:36 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-10 08:36 - 2017-04-19 07:35 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-10 08:36 - 2017-04-19 07:34 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 08:36 - 2017-04-19 07:34 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 08:36 - 2017-04-19 07:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-10 08:36 - 2017-04-19 07:32 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-10 08:36 - 2017-04-19 07:30 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-10 08:36 - 2017-04-19 07:29 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 08:36 - 2017-04-14 02:35 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 08:36 - 2017-04-14 02:35 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 08:36 - 2017-04-14 02:35 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-10 08:36 - 2017-04-14 02:33 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-10 08:36 - 2017-04-14 02:32 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-10 08:36 - 2017-04-14 02:30 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-10 08:36 - 2017-04-14 02:25 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-10 08:36 - 2017-04-14 02:25 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-10 08:36 - 2017-04-14 01:43 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 08:36 - 2017-04-14 01:43 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-10 08:36 - 2017-04-14 01:41 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-10 08:36 - 2017-04-14 01:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 08:36 - 2017-04-14 01:40 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-10 08:36 - 2017-04-14 01:39 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 08:36 - 2017-04-14 01:39 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-10 08:36 - 2017-04-14 01:39 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-10 08:36 - 2017-04-14 01:39 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-10 08:36 - 2017-04-14 01:39 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-10 08:36 - 2017-04-14 01:38 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-10 08:36 - 2017-04-14 01:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 08:36 - 2017-04-14 01:37 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-10 08:36 - 2017-04-14 01:37 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-10 08:36 - 2017-04-14 01:37 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-10 08:36 - 2017-04-14 01:37 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-10 08:36 - 2017-04-14 01:36 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-10 08:36 - 2017-04-14 01:36 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-10 08:36 - 2017-04-14 01:35 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 08:36 - 2017-04-14 01:35 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-10 08:36 - 2017-04-14 01:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 08:36 - 2017-04-14 01:34 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-10 08:36 - 2017-04-14 01:34 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-10 08:36 - 2017-04-14 01:33 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 08:36 - 2017-04-14 01:33 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-10 08:36 - 2017-04-14 01:31 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-10 08:36 - 2017-04-14 01:31 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-10 08:36 - 2017-04-14 01:29 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-10 08:36 - 2017-04-14 01:29 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 08:36 - 2017-04-14 01:29 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-10 08:36 - 2017-04-14 01:29 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-10 08:36 - 2017-04-14 01:29 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 08:36 - 2017-04-14 01:28 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 08:36 - 2017-04-14 01:26 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 08:36 - 2017-04-14 01:25 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-10 08:36 - 2017-04-14 01:24 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-10 08:36 - 2017-04-14 01:21 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 08:36 - 2017-04-14 01:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-10 08:36 - 2017-04-14 01:18 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-10 08:36 - 2017-04-14 01:18 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 08:36 - 2017-04-14 01:15 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-10 08:36 - 2017-04-14 01:15 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-10 08:36 - 2017-04-14 01:13 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-10 08:36 - 2017-04-14 01:13 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 08:36 - 2017-04-14 01:08 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 08:36 - 2017-04-14 01:06 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 08:36 - 2017-04-14 01:04 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 08:36 - 2017-04-14 01:01 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-10 08:22 - 2017-05-10 08:22 - 00004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-05-03 22:21 - 00175736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-05-10 08:22 - 2017-05-03 22:21 - 00143480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-05-05 14:53 - 2017-05-06 10:15 - 00000000 ____D C:\Users\wuens\AppData\Local\Ubisoft Game Launcher
2017-05-05 14:53 - 2017-05-06 10:15 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2017-05-02 16:08 - 2017-05-02 16:08 - 00000000 ____D C:\Users\wuens\Documents\Benutzerdefinierte Office-Vorlagen
2017-05-02 10:09 - 2017-05-02 10:09 - 00109696 _____ (Razer Inc.) C:\WINDOWS\system32\RzChromaSDK64.dll
2017-05-02 10:09 - 2017-05-02 10:09 - 00102016 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzChromaSDK.dll
2017-05-02 08:40 - 2017-05-02 08:40 - 00048776 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzAPIChromaSDK.dll
2017-05-01 19:05 - 2017-05-17 18:11 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.6
2017-05-01 19:05 - 2017-05-01 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.6
2017-04-29 17:07 - 2017-04-29 17:07 - 00000000 ____D C:\Users\wuens\AppData\Local\SummerCamp
2017-04-29 16:37 - 2017-04-29 16:37 - 00000000 ____D C:\Users\wuens\AppData\Local\Agony
2017-04-28 20:17 - 2017-04-28 20:17 - 00000000 ____D C:\Users\wuens\AppData\Local\mpress
2017-04-28 20:12 - 2017-05-28 00:12 - 00003142 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2017-04-28 17:40 - 2017-04-28 17:40 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-04-28 16:58 - 2015-09-09 18:16 - 01449984 _____ (Giulio Sosio) C:\Users\wuens\Desktop\XonarSwitch.exe
2017-04-28 15:28 - 2017-04-28 15:28 - 00000000 ____D C:\Users\wuens\AppData\Local\Publishers
|
|
27.05.2017, 23:56
| #2 |
| | Kontrolle meiner Logs pls FRST Teil 2
__________________Code:
ATTFilter ==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-28 00:39 - 2017-03-27 19:24 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Azureus
2017-05-28 00:19 - 2017-04-07 10:54 - 04846194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-28 00:19 - 2016-12-21 19:28 - 02394986 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-28 00:19 - 2016-12-21 19:28 - 00636190 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-28 00:18 - 2017-04-07 10:46 - 00000000 ____D C:\Users\wuens
2017-05-28 00:16 - 2017-04-07 10:45 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-28 00:16 - 2016-12-21 20:04 - 00000000 ____D C:\Users\wuens\AppData\LocalLow\Mozilla
2017-05-28 00:14 - 2017-03-30 18:42 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Curse Client
2017-05-28 00:13 - 2017-04-26 11:45 - 00000000 ____D C:\Users\wuens\AppData\Local\CrashDumps
2017-05-28 00:13 - 2017-04-07 10:50 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-28 00:12 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-28 00:12 - 2016-12-21 20:51 - 00000000 ____D C:\Users\wuens\AppData\Local\Battle.net
2017-05-27 21:40 - 2016-12-21 22:16 - 00000000 ____D C:\Users\wuens\AppData\Roaming\uTorrent
2017-05-27 20:39 - 2017-04-20 15:08 - 00000000 ____D C:\Users\wuens\AppData\LocalLow\uTorrent
2017-05-27 20:26 - 2017-04-07 17:33 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-27 20:26 - 2016-12-21 22:02 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Dopamine
2017-05-27 18:46 - 2017-04-07 10:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-27 18:25 - 2017-04-07 09:59 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-27 18:07 - 2016-12-24 16:07 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-27 17:24 - 2017-01-24 17:44 - 00000000 ____D C:\Users\wuens\AppData\Roaming\TS3Client
2017-05-27 13:40 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-27 13:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 21:44 - 2016-12-21 20:31 - 00000000 ____D C:\Users\wuens\AppData\Roaming\vlc
2017-05-26 17:29 - 2017-02-25 15:07 - 00622120 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-05-26 14:18 - 2016-12-21 20:04 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5
2017-05-24 04:43 - 2017-02-25 15:06 - 00383016 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2017-05-23 07:32 - 2016-12-21 20:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 23:21 - 2016-12-21 20:06 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-22 19:31 - 2016-12-21 22:17 - 00000000 ____D C:\Users\wuens\AppData\Local\JDownloader v2.0
2017-05-22 16:58 - 2016-12-21 20:49 - 00000000 ____D C:\Users\wuens\Desktop\Programme
2017-05-21 15:25 - 2017-04-07 10:44 - 00295256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-21 12:08 - 2016-12-21 19:22 - 00000000 ____D C:\Users\wuens\AppData\Local\VirtualStore
2017-05-21 12:06 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-20 15:30 - 2017-02-11 16:09 - 00000000 ____D C:\Users\wuens\AppData\Local\Spotify
2017-05-20 14:33 - 2017-02-11 16:08 - 00000000 ____D C:\Users\wuens\AppData\Roaming\Spotify
2017-05-18 22:50 - 2016-12-21 20:04 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-05-18 16:10 - 2017-02-24 18:00 - 00000000 ____D C:\Users\wuens\AppData\Local\UnrealEngine
2017-05-18 09:54 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-18 09:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\System
2017-05-17 19:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 19:30 - 2016-12-21 19:47 - 00014678 _____ C:\WINDOWS\unins000.dat
2017-05-17 18:23 - 2017-04-24 18:24 - 00000591 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlast Whistleblower.lnk
2017-05-17 18:23 - 2017-04-12 11:17 - 00001010 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2017-05-17 18:23 - 2017-04-07 10:48 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 18:23 - 2017-03-29 07:09 - 00001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-17 18:23 - 2017-03-27 19:24 - 00001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2017-05-17 18:23 - 2017-02-11 16:09 - 00001856 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2017-05-17 18:23 - 2017-02-11 16:09 - 00001850 _____ C:\Users\wuens\Desktop\Spotify.lnk
2017-05-17 18:23 - 2017-01-30 11:19 - 00000712 _____ C:\Users\wuens\Desktop\uTorrent.lnk
2017-05-17 18:23 - 2017-01-09 10:45 - 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-05-17 18:23 - 2017-01-09 10:45 - 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-05-17 18:23 - 2016-12-24 18:52 - 00000705 _____ C:\Users\wuens\Desktop\Music.lnk
2017-05-17 18:23 - 2016-12-22 14:55 - 00001023 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2017-05-17 18:23 - 2016-12-21 22:16 - 00002640 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-05-17 18:23 - 2016-12-21 21:43 - 00001890 _____ C:\Users\wuens\Desktop\Dopamine.lnk
2017-05-17 18:23 - 2016-12-21 21:20 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-05-17 18:23 - 2016-12-21 21:20 - 00002006 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dopamine.lnk
2017-05-17 18:23 - 2016-12-21 21:15 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-05-17 18:23 - 2016-12-21 20:04 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2017-05-17 18:23 - 2016-12-21 20:01 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-05-17 18:23 - 2016-12-21 19:28 - 00001023 _____ C:\Users\wuens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2017-05-17 18:17 - 2017-03-29 07:09 - 00000000 ____D C:\Program Files\iPod
2017-05-17 18:15 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Globalization
2017-05-17 18:03 - 2017-02-13 11:47 - 00000000 ____D C:\Users\wuens\AppData\Roaming\NVIDIA
2017-05-17 18:02 - 2017-02-25 21:17 - 00000000 ____D C:\Program Files\UNi Xonar Audio
2017-05-17 18:02 - 2016-12-21 21:15 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-05-17 07:30 - 2016-12-21 19:59 - 00000000 ____D C:\ProgramData\IObit
2017-05-15 09:04 - 2017-03-18 20:27 - 00000000 ____D C:\Users\wuens\AppData\Roaming\SmartSteamEmu
2017-05-12 10:31 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-11 07:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 16:06 - 2016-12-21 19:22 - 00000000 ____D C:\Users\wuens\AppData\Local\Packages
2017-05-10 09:43 - 2016-12-31 15:15 - 00000000 ____D C:\Users\wuens\Documents\My Games
2017-05-10 08:48 - 2016-12-21 19:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 08:40 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 08:40 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-10 08:22 - 2017-04-07 10:50 - 00004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:50 - 00003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-10 08:22 - 2017-04-07 10:45 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-05-06 12:12 - 2016-12-21 20:49 - 00000000 ____D C:\Users\wuens\Desktop\Spiele
2017-05-06 10:11 - 2017-04-07 10:50 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-05 11:05 - 2016-12-21 19:30 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2017-05-03 22:21 - 2017-02-13 11:43 - 00048248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-05-03 22:21 - 2017-02-13 11:37 - 01893496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01755256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01477240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 01317496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-05-03 22:21 - 2017-02-13 11:37 - 00121464 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-05-03 21:28 - 2016-12-21 19:30 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-05-03 12:51 - 2016-12-21 21:20 - 00000000 ____D C:\Program Files (x86)\Dopamine
2017-05-02 00:38 - 2017-04-25 19:31 - 04092088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-02 00:38 - 2017-04-25 19:31 - 03607464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-02 00:38 - 2017-03-21 12:55 - 00059448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-05-02 00:38 - 2017-03-21 12:55 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-01 22:52 - 2017-04-07 10:45 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-05-01 22:51 - 2017-04-07 10:45 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-01 22:51 - 2017-04-07 10:45 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-01 19:23 - 2017-04-14 18:27 - 00000000 ____D C:\Users\wuens\Documents\Warcraft III
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 19:46 - 2016-12-21 19:46 - 00000000 ____D C:\Program Files\Java
2017-04-28 17:41 - 2016-12-21 19:24 - 00000000 ___RD C:\Users\wuens\OneDrive
2017-04-28 17:40 - 2016-12-21 19:46 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-28 17:40 - 2016-12-21 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-28 17:40 - 2016-12-21 19:45 - 00000000 ____D C:\ProgramData\Oracle
2017-04-28 17:40 - 2016-12-21 19:45 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-28 17:39 - 2016-12-21 19:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-05-24 11:48
==================== End of FRST.txt ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by wuens (28-05-2017 00:40:20)
Running from C:\Users\wuens\Desktop
Windows 10 Pro Version 1703 (X64) (2017-04-07 08:53:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2322370783-745731414-697882459-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2322370783-745731414-697882459-503 - Limited - Disabled)
Guest (S-1-5-21-2322370783-745731414-697882459-501 - Limited - Disabled)
wuens (S-1-5-21-2322370783-745731414-697882459-1001 - Administrator - Enabled) => C:\Users\wuens
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.5.1 - Sereby Corporation)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.05.00 - ASUSTeK Computer Inc.)
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.)
Batman Arkham Knight (HKLM-x32\...\{0F4673C2-B7F4-4771-96FD-1AB79B1C1923}_is1) (Version: - Rocksteady Studios)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version: - )
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cheat Engine 6.6 (HKLM-x32\...\Cheat Engine 6.6_is1) (Version: - Cheat Engine)
CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
Dopamine (HKLM-x32\...\{88964D1B-8C83-4D7D-A7B7-3334536110A4}) (Version: 1.3.0.918 - Digimezzo)
Driver Booster 4.2 (HKLM-x32\...\Driver Booster_is1) (Version: 4.2.0 - IObit)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Glary Utilities PRO 5.66 (HKLM-x32\...\Glary Utilities 5) (Version: 5.66.0.87 - Glarysoft Ltd)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{164600BE-9CEC-44E6-9B38-2B12D5FE2342}) (Version: 12.6.0.100 - Apple Inc.)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outlast 2 (HKLM-x32\...\Outlast 2_is1) (Version: - )
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
Paladins (HKLM\...\Steam App 444090) (Version: - Hi-Rez Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Resident Evil 7 Biohazard (HKLM-x32\...\{1ECBF8F3-7079-44CA-AD32-B2AECBCF636F}_is1) (Version: - Capcom)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\Spotify) (Version: 1.0.49.125.g72ee7853 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TomTom MyDrive Connect 4.1.4.3031 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3031 - TomTom)
Transmissions: Element 120 (HKLM\...\Steam App 365300) (Version: - Shokunin)
UNi Xonar Audio -Run only while playing audio! (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Video Converter Ultimate(Build 9.0.3.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 9.0.3.0 - Wondershare Software)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
wxMP3gain v3.7 (HKLM-x32\...\{A8DA0F4D-7A25-4FB1-91ED-D6481CB7CD35}_is1) (Version: 3.7 - Cristiano Nunes)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2322370783-745731414-697882459-1001_Classes\CLSID\{8a1ef745-130b-4427-b600-3dadd96aa5a6}\InprocServer32 -> c:\windows\system32\dfshim.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {027DA260-2F75-4C09-818C-A6A3F6EB7121} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic
Task: {131C386C-C51D-4CAB-B14F-22260609620A} - \{7D050447-0909-0805-0E11-0B080D79110F} -> No File <==== ATTENTION
Task: {1492DE31-4374-44F4-8B5F-89D2CCFA569E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {18E3A64D-8AEB-4E0C-A399-69199FD8863D} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] ()
Task: {1DAAC372-EE6D-4BE1-95EB-42BE75008669} - \Microsoft\Windows\DeviceSettings\Clerherdompaqward -> No File <==== ATTENTION
Task: {204D1486-DD87-4009-9B75-C283DD727442} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-12-16] (Glarysoft Ltd)
Task: {2144319C-FFBF-4D27-A35B-E9ED68E38F4E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {267806E3-4F73-4AA9-9EFF-3EE86F5D7229} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {3B0689A8-13C8-4CC3-8963-9ED8684F2934} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-03-25] (ASUSTeK Computer Inc.)
Task: {46C0CAF6-6FEA-4B04-9863-B8810989F42C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {4C6395D5-9DD3-4F69-9637-7305C5094B25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {67CA4A3F-6EDA-4798-8A21-761AA46ABC85} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {6F870188-6ACF-4484-AEE7-81911567A23E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {75CB2956-CB4F-4756-9370-64E149606193} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {7E3FFA82-23B8-48BB-BEF8-A55484889F70} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {8E0CBFE4-0494-4641-B536-37B880258B61} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {90060EC1-7ED0-4976-8FF2-EE0FABA33F48} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-12-16] (Glarysoft Ltd)
Task: {90B07451-CA1B-4245-A1A6-F6653E45EF26} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {9633A941-D118-4E29-BB19-131BF8BC800C} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.)
Task: {B42C210D-852A-44EE-8CD8-F6A532937B83} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {B503C857-2CE2-466B-845A-A67A793DBB22} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {DD328B42-2AEF-4C8C-941B-4ADBD2BAEA3D} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {DD49795A-9A56-4F40-A9C3-27FCD4568959} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
Task: {F6D96290-FEF8-4AA7-AFBD-9CD97B978DCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-11] (Adobe Systems Incorporated)
Task: {FC9F5668-46BD-47EA-88F7-A8A9C8E20A54} - System32\Tasks\{F470B5CB-E6AB-438C-A76E-6F34C184983B} => pcalua.exe -a "D:\Program Files (x86)\Alien Isolation\AI.exe" -d "D:\Program Files (x86)\Alien Isolation"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{42A8FBD9-F5AE-48AF-99CE-8A119E3AA355}.job => C:\WINDOWS\system32\msfeedssync.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-02-13 11:37 - 2017-05-03 22:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-17 02:28 - 2016-11-17 02:28 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 17:08 - 2017-03-16 17:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-07 10:45 - 2015-05-14 15:47 - 00936456 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-09-25 01:20 - 2016-09-25 01:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-12-21 19:20 - 2016-12-21 19:20 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2016-10-24 12:03 - 2016-10-24 12:03 - 00589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:59 - 2017-03-19 04:30 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-03-22 18:14 - 2017-03-22 18:14 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-03-27 19:24 - 2016-01-05 20:45 - 00105648 _____ () C:\Program Files\Vuze\aereg64.dll
2016-12-06 16:09 - 2016-12-06 16:09 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2017-04-07 10:45 - 2017-05-28 00:13 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-04-07 10:45 - 2015-05-14 15:47 - 00113160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-12-21 21:20 - 2017-02-06 20:18 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2017-02-13 11:37 - 2017-05-03 22:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-10-10 18:46 - 2016-10-10 18:46 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2016-12-21 19:43 - 2014-10-11 17:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2016-12-21 19:43 - 2014-10-11 17:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2016-12-21 19:39 - 2015-03-11 10:42 - 00828928 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2016-12-21 19:43 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2016-12-21 19:43 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2016-12-21 19:38 - 2014-09-09 11:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2017-02-25 21:17 - 2012-06-06 10:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2016-04-05 17:57 - 2016-04-05 17:57 - 00393608 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\opus.dll
2017-03-29 01:04 - 2017-05-17 18:15 - 00535872 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll
2017-05-15 11:59 - 2017-05-15 11:59 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 01950528 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\ffmpeg.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 02270528 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\libglesv2.dll
2017-03-28 23:48 - 2017-04-12 11:16 - 00088384 _____ () C:\Users\wuens\AppData\Roaming\Curse Client\Bin\Electron\libegl.dll
2014-03-03 15:07 - 2016-07-08 23:06 - 00353768 _____ () d:\program files (x86)\warcraft iii\mss32.dll
2014-03-03 15:07 - 2016-04-08 00:23 - 00132072 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mp3dec.asi
2014-03-03 15:07 - 2016-04-08 00:23 - 00071656 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mssdolby.m3d
2014-03-03 15:07 - 2016-04-08 00:23 - 00076264 _____ () d:\program files (x86)\warcraft iii\redist\miles\Msseax2.m3d
2014-03-03 15:07 - 2017-05-18 16:32 - 00064000 _____ () d:\program files (x86)\warcraft iii\redist\miles\Mssfast.m3d
2014-03-03 15:07 - 2016-04-08 00:23 - 00062952 _____ () d:\program files (x86)\warcraft iii\redist\miles\Reverb3.flt
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2017-05-17 19:13 - 00000795 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2322370783-745731414-697882459-1001\Control Panel\Desktop\\Wallpaper -> D:\Bilder\RazerChroma_1920x1080.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKU\S-1-5-21-2322370783-745731414-697882459-1001\...\StartupApproved\Run: => "Spotify"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{AC2B4ACC-3D5C-490F-BFF0-0CDE6BFA9642}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{F7616C04-A078-4921-9369-38426F4C5251}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{08FE67DF-A171-49C5-9870-628811BA6DD7}C:\users\wuens\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wuens\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{DF707267-8197-40DB-94CB-6A463EC3CE06}C:\users\wuens\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\wuens\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CF7A1321-733C-4EE9-BC79-386A9ACE3E48}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{353C4CA9-0BE8-461F-B567-0A9E9D350414}D:\program files (x86)\warcraft iii\war3.exe] => (Allow) D:\program files (x86)\warcraft iii\war3.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/28/2017 12:13:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1bb4
Startzeit der fehlerhaften Anwendung: 0x01d2d73685f339e5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 612e581f-e5d3-42ef-b6b2-a0320df4aac0
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/27/2017 11:52:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (05/27/2017 11:52:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (05/27/2017 11:52:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (05/27/2017 11:52:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\Antivirus\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.
Error: (05/27/2017 11:41:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2170
Startzeit der fehlerhaften Anwendung: 0x01d2d731fa58c305
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 48af1b6c-a9a0-442d-bbb6-6513381ad38b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (05/27/2017 09:31:39 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (05/27/2017 09:31:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
System errors:
=============
Error: (05/28/2017 12:29:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "terana" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/28/2017 12:13:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HitmanPro37CrusaderBoot" wurde mit dem folgenden dienstspezifischen Fehler beendet:
Der Vorgang wurde erfolgreich beendet.
Error: (05/28/2017 12:13:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (05/28/2017 12:12:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/28/2017 12:12:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/27/2017 11:45:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Durch die Berechtigungseinstellungen für "application-specific" wird dem Benutzer "NT AUTHORITY\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (Using LRPC)" keine Berechtigung vom Typ "Local Activation" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Unavailable" (SID: Unavailable) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (05/27/2017 09:40:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/27/2017 09:40:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (05/27/2017 08:44:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "terana" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/27/2017 08:31:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-8PV836F)
Description: Der Server "{4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-05-26 21:42:06.382
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-26 16:27:42.943
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-24 17:00:23.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-24 11:48:26.015
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-24 09:13:26.561
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-23 10:02:33.422
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-23 00:20:52.829
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-22 15:31:18.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-05-22 12:05:15.720
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-22 09:56:19.077
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Percentage of memory in use: 24%
Total physical RAM: 16321.93 MB
Available physical RAM: 12293.03 MB
Total Virtual: 20321.93 MB
Available Virtual: 15362.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.3 GB) (Free:74.12 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:292.98 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:2794.51 GB) (Free:1188.23 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 0B963252)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 28C7BC0C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== End of Addition.txt ============================
|
|
| Themen zu Kontrolle meiner Logs pls |
| anzeige, anzeigen, folge, folgende, hochladen, komisch, kontrolle, node.js, programme, removal, sache, sachen, system |
Linear-Darstellung
