czlfnyii.exe entfernen

Nicky_86 · 26.07.2017, 16:44

Hallo zusammen,
habe jetzt mal ein ernstes Problem.
Dank euren Beschreibungen und euren Hilfen konnte ich bisher immer alles super bekämpfen.

Heute melde ich mich selbst mal zu Wort, da ich nicht weiter komme.

Seit kurzem springt ca alle 15min die Benutzerkontensteuerung an. Eine Software
namens czlfnyii.exe möchte Änderungen am Gerät vornehmen.

Die Datei soll wie auf den Bilder zu sehen unter meienm aktiven User liegen.
Hier findet sich diese Datei nicht.

Auch eine Suche nach der Datei blieb ohne Erfolg.

Malware Programme finden keine Bedrohungen auf meinem PC.

Wie kann ich diese Datei löschen oder dauerhaft den zugriff verweigern.

Auch die Dateien im Bild sind nicht zu finden.

Danke

https://picload.org/view/rwgpadar/img_4514.jpg.html
https://picload.org/view/rwgpawgw/img_4515.jpg.html

M-K-D-B · 26.07.2017, 20:30

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

M-K-D-B · 30.07.2017, 09:54

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM inklusive Link zum Thema an mich falls du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Nicky_86 · 01.08.2017, 20:03

Hallo lieber Helfer,

habe das gemacht wo du mir beschrieben hast.

FRST.EXE

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017
durchgeführt von Nicol (Administrator) auf DESKTOP-AESMRB4 (01-08-2017 20:48:34)
Gestartet von C:\Users\nicol\Desktop
Geladene Profile: Nicol (Verfügbare Profile: Nicol)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41275.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41275.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2017-06-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2017-06-03] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2017-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2017-06-03] (Vimicro)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1910424 2017-06-06] ()
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe [4121136 2016-03-03] (Delivery Tech Corp.)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-06-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{4485d479-dc85-417b-827a-48be184f3958}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: csmnkq8q.default
FF ProfilePath: C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default [2017-08-01]
FF Extension: (FEBE) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2017-06-03]
FF Extension: (Greasemonkey) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-06-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-04] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-04] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2017-07-03] (Broadcom Corporation.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
S3 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2017-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82704 2017-06-03] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2017-06-03] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2017-07-03] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-01] (Malwarebytes)
R1 MpKsla5c7b09a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD07DC27-EBD0-428A-8F0D-45AFA196B49F}\MpKsla5c7b09a.sys [44928 2017-07-31] (Microsoft Corporation)
R1 MpKsldb3329ac; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B4D014A-EE80-4A34-B02B-1FFCEDE34D12}\MpKsldb3329ac.sys [44928 2017-08-01] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2017-06-03] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2017-06-03] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Downloads\tdsskiller.exe
2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Desktop\tdsskiller.exe
2017-08-01 20:48 - 2017-08-01 20:49 - 000016867 _____ C:\Users\nicol\Desktop\FRST.txt
2017-08-01 20:48 - 2017-08-01 20:48 - 000000000 ____D C:\FRST
2017-08-01 20:48 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Desktop\FRST64.exe
2017-08-01 20:47 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Downloads\FRST64.exe
2017-07-31 17:39 - 2017-07-31 17:39 - 000034623 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde1.pdf
2017-07-31 17:36 - 2017-07-31 17:36 - 000040583 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde.pdf
2017-07-28 19:34 - 2017-07-28 19:34 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2090734139-1850318513-3907554720-1001
2017-07-28 19:34 - 2017-07-28 19:34 - 000000000 ___HD C:\OneDriveTemp
2017-07-26 18:35 - 2017-07-26 18:36 - 242020184 _____ (Lenovo Group Limited ) C:\Users\nicol\Downloads\0nwl01wb(1).exe
2017-07-26 17:31 - 2017-07-26 17:18 - 170242954 ____N C:\Users\nicol\Desktop\IMG_4516.MOV
2017-07-24 22:40 - 2017-07-24 22:40 - 000000000 _____ C:\Users\nicol\Desktop\Neues Textdokument.txt
2017-07-24 19:01 - 2017-08-01 18:28 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 19:01 - 2017-08-01 18:20 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 19:01 - 2017-08-01 18:20 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 19:01 - 2017-07-24 19:08 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 19:00 - 2017-08-01 18:20 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 19:00 - 2017-07-24 19:00 - 065033984 _____ (Malwarebytes ) C:\Users\nicol\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 19:00 - 2017-07-24 19:00 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-24 19:00 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 18:18 - 2017-07-24 18:39 - 000000000 ____D C:\AdwCleaner
2017-07-24 18:18 - 2017-07-24 18:18 - 008162248 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_7.0.0.0.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 002611632 _____ C:\Users\nicol\Downloads\Adaware_Installer121856.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 000000000 ____D C:\ProgramData\adaware
2017-07-24 17:43 - 2017-07-24 17:44 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-07-23 20:22 - 2017-07-23 20:22 - 000218129 _____ C:\Users\nicol\Downloads\h2testw_1.4.zip
2017-07-23 20:22 - 2017-07-23 20:22 - 000000000 ____D C:\Users\nicol\Downloads\h2testw_1.4
2017-07-20 22:30 - 2017-07-20 22:30 - 000070930 _____ C:\Users\nicol\Downloads\Tahin-Plätzchen.pdf
2017-07-20 22:29 - 2017-07-20 22:29 - 000072610 _____ C:\Users\nicol\Downloads\Ahle-Worschd-Kräppel.pdf
2017-07-20 22:27 - 2017-07-20 22:27 - 001235263 _____ C:\Users\nicol\Downloads\Smoothie_Flyer_wiss_Untersuchung_final.pdf
2017-07-20 17:56 - 2017-07-20 17:56 - 000002301 _____ C:\Users\Public\Desktop\MailStyler.lnk
2017-07-20 17:56 - 2017-07-20 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delivery Tech Corp
2017-07-20 17:27 - 2017-07-20 17:57 - 000000000 ____D C:\Users\nicol\OneDrive\Dokumente\MailStyler
2017-07-20 17:26 - 2017-07-20 17:26 - 000003682 _____ C:\WINDOWS\System32\Tasks\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 __SHD C:\Users\nicol\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Obsidium
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Delivery Tech Corp
2017-07-20 17:26 - 2017-03-18 23:00 - 000045216 ___SH (Microsoft Corporation) C:\Users\nicol\czlfnyii.exe
2017-07-20 17:25 - 2017-07-20 17:25 - 000000000 ____D C:\ProgramData\Delivery Tech Corp
2017-07-20 17:24 - 2017-07-20 17:56 - 000000000 ____D C:\Program Files (x86)\Delivery Tech Corp
2017-07-12 18:39 - 2017-07-12 18:39 - 002653569 _____ C:\Users\nicol\Desktop\Bilanz 5 Seiten.pdf
2017-07-12 18:39 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 18:39 - 2017-07-07 08:39 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 18:39 - 2017-07-07 08:37 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 18:39 - 2017-07-07 08:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 18:39 - 2017-07-07 08:27 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 18:39 - 2017-07-07 08:23 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 18:39 - 2017-07-07 08:14 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 18:39 - 2017-07-07 08:14 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 18:39 - 2017-07-07 08:13 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 18:39 - 2017-07-07 08:12 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 18:39 - 2017-07-07 08:05 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 18:39 - 2017-07-07 08:02 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 18:39 - 2017-06-20 07:03 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 18:39 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 18:39 - 2017-06-20 06:40 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 18:39 - 2017-06-20 06:39 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 18:39 - 2017-06-20 06:36 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 18:39 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 18:39 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 18:38 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 18:38 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 18:38 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 18:38 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 18:38 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 18:38 - 2017-07-07 09:23 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 18:38 - 2017-07-07 09:22 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 18:38 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 18:38 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 09:21 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 18:38 - 2017-07-07 09:20 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 18:38 - 2017-07-07 09:14 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 18:38 - 2017-07-07 09:13 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 18:38 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 18:38 - 2017-07-07 09:12 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 09:12 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 18:38 - 2017-07-07 09:11 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:38 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 18:38 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 18:38 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 18:38 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 18:38 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 18:38 - 2017-07-07 08:40 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:39 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 18:38 - 2017-07-07 08:29 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 18:38 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 18:38 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 18:38 - 2017-07-07 08:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 18:38 - 2017-07-07 08:20 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 18:38 - 2017-07-07 08:15 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 18:38 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 18:38 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 18:38 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 18:38 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 18:38 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:01 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 18:38 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 18:38 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 18:38 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 18:38 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 18:38 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 18:38 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 08:10 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 18:38 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 18:38 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 18:38 - 2017-06-20 08:06 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 18:38 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 18:38 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 18:38 - 2017-06-20 08:02 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 18:38 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 18:38 - 2017-06-20 07:59 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 18:38 - 2017-06-20 07:57 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 18:38 - 2017-06-20 07:57 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 18:38 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 18:38 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 18:38 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 18:38 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 18:38 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 18:38 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 07:03 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 18:38 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 18:38 - 2017-06-20 06:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 18:38 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 18:38 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 18:38 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 18:38 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 18:38 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 18:38 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 18:38 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 18:38 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 18:37 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 18:37 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 18:37 - 2017-07-07 09:22 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 18:37 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 18:37 - 2017-07-07 09:15 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 18:37 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 18:37 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 18:37 - 2017-07-07 09:10 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 18:37 - 2017-07-07 09:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 18:37 - 2017-07-07 08:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 18:37 - 2017-07-07 08:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 18:37 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 18:37 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 18:37 - 2017-07-07 08:17 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 18:37 - 2017-07-07 08:16 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 18:37 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 18:37 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 18:37 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 18:37 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 18:37 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 18:37 - 2017-06-20 08:04 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 18:37 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 18:37 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 18:37 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 18:37 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 18:37 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 18:37 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 18:37 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 18:37 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 18:37 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 18:37 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 18:37 - 2017-06-20 07:03 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 18:37 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 18:37 - 2017-06-20 06:59 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 18:37 - 2017-06-20 06:58 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 18:37 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 18:37 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-12 18:09 - 2017-07-12 18:09 - 001077755 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.rar
2017-07-12 18:06 - 2017-07-12 18:06 - 001539146 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.tif
2017-07-11 18:25 - 2017-07-11 18:25 - 000000000 ____D C:\Users\nicol\AppData\Local\Foxit PhantomPDF
2017-07-11 18:16 - 2017-07-11 18:16 - 000001162 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2017-07-11 18:16 - 2017-07-11 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-07-11 17:44 - 2017-07-12 18:09 - 000748096 _____ C:\Users\nicol\Desktop\Bilanz_GuV.pptx
2017-07-11 17:38 - 2017-07-11 17:38 - 000045502 _____ C:\Users\nicol\Desktop\Bilanz lang.pdf
2017-07-11 17:26 - 2017-07-12 18:01 - 000360786 _____ C:\Users\nicol\Desktop\Präsentation Liquidität.pptx
2017-07-11 17:25 - 2017-07-11 17:25 - 000381033 _____ C:\Users\nicol\Downloads\Präsentation11.pptx
2017-07-04 14:59 - 2017-07-04 14:59 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-03 21:55 - 2017-07-12 18:46 - 000001347 _____ C:\Users\nicol\Desktop\GoPro - Verknüpfung.lnk
2017-07-03 21:42 - 2017-07-03 21:42 - 000000000 ____D C:\Users\nicol\AppData\Roaming\AMD
2017-07-03 21:21 - 2017-07-03 21:22 - 000000000 ____D C:\Users\nicol\AppData\Local\ConnectedDevicesPlatform
2017-07-03 21:21 - 2017-07-03 21:21 - 000000020 ___SH C:\Users\nicol\ntuser.ini
2017-07-03 21:21 - 2017-07-03 21:21 - 000000000 ____D C:\Users\nicol\AppData\Local\DBG
2017-07-03 20:46 - 2017-07-03 20:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-03 20:46 - 2017-07-03 19:58 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files\MSBuild
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-07-03 20:42 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-03 20:42 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-03 20:38 - 2017-07-03 20:38 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-07-03 20:12 - 2017-07-03 20:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-03 20:12 - 2017-07-03 20:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-07-03 20:11 - 2017-08-01 18:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-03 20:11 - 2017-07-03 20:11 - 000022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-03 20:11 - 2017-07-03 20:11 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-07-03 20:11 - 2017-07-03 20:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-07-03 20:08 - 2017-07-03 20:08 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-03 20:08 - 2017-07-03 20:08 - 000000000 ____D C:\ProgramData\USOShared
2017-07-03 20:04 - 2017-07-03 20:08 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-07-03 20:03 - 2017-07-31 19:07 - 000000000 ____D C:\Users\nicol
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Vorlagen
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Startmenü
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Netzwerkumgebung
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Lokale Einstellungen
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Eigene Dateien
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Druckumgebung
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Local\Verlauf
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Local\Anwendungsdaten
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Anwendungsdaten
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____D C:\Program Files\Synaptics
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____D C:\Program Files (x86)\USB Camera
2017-07-03 20:00 - 2017-07-03 20:00 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-07-03 19:59 - 2017-07-03 20:05 - 000000000 ____D C:\Program Files\AMD
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\Program Files\Realtek
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-07-03 19:59 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-03 19:58 - 2017-08-01 06:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-03 19:58 - 2017-07-24 18:36 - 000394400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-03 18:54 - 2017-07-03 18:54 - 002251992 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2017-07-03 18:54 - 2017-07-03 18:54 - 001441792 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi212a.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000279040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000222720 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOI12I.DLL
2017-07-03 18:54 - 2017-07-03 18:54 - 000188160 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2017-07-03 18:54 - 2017-07-03 18:54 - 000173312 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2017-07-03 18:54 - 2017-07-03 18:54 - 000069978 _____ C:\WINDOWS\system32\Drivers\BCM20702A1_001.002.014.1443.1485.hex
2017-07-03 18:54 - 2017-07-03 18:54 - 000066264 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000050688 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BRPRTINK.DLL
2017-07-03 18:44 - 2017-07-03 21:21 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-03 18:40 - 2017-07-03 18:44 - 000000036 _____ C:\WINDOWS\progress.ini
2017-07-03 18:23 - 2017-07-03 21:21 - 000000000 ____D C:\Windows10Upgrade
2017-07-03 18:23 - 2017-07-03 21:20 - 000000000 ___HD C:\$GetCurrent
2017-07-03 18:23 - 2017-07-03 18:23 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-07-03 18:23 - 2017-07-03 18:23 - 000000797 _____ C:\Users\nicol\Desktop\Windows 10-Update-Assistent.lnk
2017-07-03 18:15 - 2017-07-03 18:15 - 000000000 ____D C:\Users\nicol\AppData\Roaming\GoPro
2017-07-03 18:13 - 2017-07-03 18:13 - 004216840 _____ (Microsoft Corporation) C:\Users\nicol\Downloads\vcredist_x86.exe
2017-07-03 18:00 - 2017-07-03 18:00 - 000000000 ____D C:\WINDOWS\UpdateAssistant

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-01 18:25 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-01 18:25 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-01 18:24 - 2017-06-03 17:51 - 002282380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-01 18:24 - 2017-03-20 06:41 - 001038580 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-01 18:24 - 2017-03-20 06:41 - 000227994 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-01 18:20 - 2017-06-03 18:19 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\Mozilla
2017-08-01 07:05 - 2017-06-03 19:24 - 000000000 ____D C:\Users\nicol\AppData\Roaming\UseNeXT
2017-07-31 19:19 - 2017-06-04 13:42 - 000002172 _____ C:\Users\nicol\Desktop\Call of Duty(R) 4 - Bots.lnk
2017-07-31 18:33 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-07-31 17:39 - 2017-06-03 18:34 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Foxit Software
2017-07-28 19:34 - 2017-06-03 17:54 - 000002387 _____ C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-28 19:34 - 2017-06-03 17:54 - 000000000 ___RD C:\Users\nicol\OneDrive
2017-07-27 20:38 - 2017-06-04 14:29 - 000000000 ____D C:\Program Files (x86)\Origin
2017-07-26 17:59 - 2017-06-04 14:28 - 000000000 ____D C:\Users\nicol\AppData\Local\ElevatedDiagnostics
2017-07-24 19:51 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-24 19:07 - 2017-06-03 20:32 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-07-24 19:07 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-23 21:34 - 2017-06-03 18:36 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2017-07-18 22:35 - 2017-06-03 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2017-07-18 19:20 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-07-15 11:35 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\WhatsApp
2017-07-14 16:47 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-07-12 19:17 - 2017-06-03 17:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 18:55 - 2017-06-03 19:36 - 000002242 _____ C:\Users\nicol\Desktop\WhatsApp.lnk
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Local\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:35 - 000000000 ____D C:\Users\nicol\AppData\Local\SquirrelTemp
2017-07-12 18:50 - 2017-06-19 15:05 - 000000000 ____D C:\Program Files\ReviverSoft
2017-07-12 18:46 - 2017-06-19 15:05 - 000001292 _____ C:\Users\nicol\Desktop\Windows 10 Manager.lnk
2017-07-12 18:46 - 2017-06-19 15:05 - 000001282 _____ C:\Users\nicol\Desktop\1-Click Cleaner.lnk
2017-07-12 18:46 - 2017-06-18 19:26 - 000001258 _____ C:\Users\nicol\Desktop\MP3 to iPod Audio Book Converter.lnk
2017-07-12 18:46 - 2017-06-18 19:14 - 000001190 _____ C:\Users\nicol\Desktop\Syncios.lnk
2017-07-12 18:46 - 2017-06-05 11:11 - 000001072 _____ C:\Users\nicol\Desktop\HeavyLoad.lnk
2017-07-12 18:46 - 2017-06-03 19:24 - 000001930 _____ C:\Users\nicol\Desktop\UseNeXT by Tangysoft.lnk
2017-07-12 18:46 - 2017-06-03 18:28 - 000001080 _____ C:\Users\nicol\Desktop\SpeedFan.lnk
2017-07-12 18:42 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 18:41 - 2017-06-03 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 18:39 - 2017-06-03 18:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-11 18:22 - 2017-06-04 16:01 - 000000000 ____D C:\Users\nicol\AppData\Local\Adobe
2017-07-11 18:16 - 2017-06-03 18:34 - 000000000 ____D C:\Users\Public\Foxit Software
2017-07-11 18:15 - 2017-06-04 14:29 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-11 18:15 - 2017-06-03 18:34 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-07-11 17:26 - 2017-06-03 17:51 - 000000000 ____D C:\Users\nicol\AppData\Local\Packages
2017-07-05 09:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-07-04 21:43 - 2017-06-04 15:49 - 000000458 __RSH C:\ProgramData\ntuser.pol
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-04 14:59 - 2017-06-11 12:38 - 000000000 ____D C:\Users\Public\CineForm
2017-07-04 14:58 - 2017-06-03 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-07-03 21:46 - 2017-06-11 12:37 - 000000000 ____D C:\Users\nicol\AppData\Local\GoPro
2017-07-03 21:21 - 2017-06-04 16:15 - 000000000 ____D C:\Users\nicol\AppData\Local\StartIsBack
2017-07-03 20:56 - 2017-03-18 23:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-03 20:51 - 2017-03-18 23:06 - 000000000 ____D C:\WINDOWS\Setup
2017-07-03 20:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-03 20:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-07-03 20:43 - 2017-03-18 22:56 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-07-03 20:13 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows NT
2017-07-03 20:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-03 20:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-07-03 20:12 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-03 20:11 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-03 20:10 - 2017-03-18 23:03 - 000000000 __RSD C:\WINDOWS\Media
2017-07-03 20:10 - 2017-03-18 23:03 - 000000000 __RHD C:\Users\Public\Libraries
2017-07-03 20:08 - 2017-06-19 15:05 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2017-07-03 20:08 - 2017-06-18 19:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 to iPod Audio Book Converter
2017-07-03 20:08 - 2017-06-18 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HolmeZ
2017-07-03 20:08 - 2017-06-11 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImpactWinter
2017-07-03 20:08 - 2017-06-11 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2017-07-03 20:08 - 2017-06-05 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
2017-07-03 20:08 - 2017-06-04 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-03 20:08 - 2017-06-04 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2017-07-03 20:08 - 2017-06-04 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur(TM)
2017-07-03 20:08 - 2017-06-03 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-07-03 20:08 - 2017-06-03 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-07-03 20:08 - 2017-06-03 19:39 - 000000000 ____D C:\WINDOWS\SHELLNEW
2017-07-03 20:08 - 2017-06-03 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-03 20:08 - 2017-06-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-03 20:08 - 2017-06-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-07-03 20:08 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\USOPrivate
2017-07-03 20:08 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-03 20:05 - 2017-06-04 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-07-03 20:05 - 2017-06-03 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2017-07-03 20:05 - 2017-06-03 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2017-07-03 20:05 - 2017-06-03 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-07-03 20:05 - 2017-06-03 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\spool
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\System
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\System
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-03 20:04 - 2017-06-03 18:31 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
2017-07-03 20:04 - 2015-07-10 13:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-07-03 20:03 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-03 20:01 - 2017-03-20 06:43 - 000000000 ____D C:\WINDOWS\HoloShell
2017-07-03 20:01 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-07-03 20:01 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\MiracastView

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-04 14:35 - 2017-06-04 14:35 - 000079466 _____ () C:\ProgramData\cl.1496579652.bdinstall.bin
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\nicol\czlfnyii.exe


Einige Dateien in TEMP:
====================
2017-07-03 21:38 - 2017-07-03 21:57 - 000000000 ____D () C:\Users\nicol\AppData\Local\Temp\SynciosDeviceService.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-26 18:43

==================== Ende von FRST.txt ============================

Nicky_86 · 01.08.2017, 20:08

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017
durchgeführt von Nicol (01-08-2017 20:49:34)
Gestartet von C:\Users\nicol\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-03 19:20:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2090734139-1850318513-3907554720-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-2090734139-1850318513-3907554720-503 - Limited - Disabled)
Gast (S-1-5-21-2090734139-1850318513-3907554720-501 - Limited - Disabled)
Nicol (S-1-5-21-2090734139-1850318513-3907554720-1001 - Administrator - Enabled) => C:\Users\nicol

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
AMD Catalyst Install Manager (HKLM\...\{9268D25B-C6DE-1579-01AB-E61CC0C6C8A8}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version: 1.1 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version: 1.2 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (HKLM-x32\...\InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (HKLM-x32\...\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Foxit PhantomPDF Business (HKLM-x32\...\{05594894-9B62-4D66-BC12-4DA14CA22F28}) (Version: 7.3.6.321 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.)
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
HolmeZ (HKLM-x32\...\{886AF6B6-CEFA-4B18-946F-3389B3EAB53F}) (Version: 2.2.0 - HolmeZ SoftSolutions Pte. Ltd.)
ImpactWinter (HKLM-x32\...\ImpactWinter_is1) (Version:  - )
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7800 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
MailStyler (HKLM-x32\...\{77C1C524-CCF5-49C8-8B30-516A46559092}) (Version: 1.3.3 - Delivery Tech Corp.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Setup Launcher Unicode 2 (HKLM-x32\...\Setup Launcher Unicode 2) (Version: 2 - Delivery Tech Corp)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StartIsBack++ (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartIsBack) (Version: 2.0.9 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Syncios 6.1.4 (HKLM-x32\...\Syncios) (Version: 6.1.4 - Anvsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
UpdateAssistant (HKLM-x32\...\{B302EECB-0DA5-46E6-8A58-127440F22CF1}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
Windows 10 Manager (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Windows 10 Manager 2.1.0) (Version: 2.1.0 - Yamicsoft)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22211 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-10-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0610F87F-A550-450A-A035-5C456A9E7B6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {68FB7FD1-276B-4523-91AA-FD7DC3AD791D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {8C32E0CE-CA4D-49F5-8215-03E94C016E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D60E0F0A-9505-4292-A327-665F31384C79} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DB4D389B-3BFA-402E-91F2-8F6A535DAC32} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {E797B448-1CDD-4CB3-9646-D66654AF3A7E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {EC2425F0-9A52-4D41-8BFE-26F13DFF8319} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FB962ED9-828F-485B-8A20-E89CD3EB2EEA} - System32\Tasks\xuasqgut => C:\Users\nicol\xuasqgut\czlfnyii.exe [2016-10-09] (AutoIt Team)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-29 09:41 - 2012-10-29 09:41 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-07-24 19:00 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-19 16:03 - 2013-08-19 16:03 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2017-06-03 19:48 - 2005-04-22 06:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-16 19:33 - 2017-07-16 19:33 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-16 17:15 - 2017-03-16 17:15 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-07-04 21:44 - 2017-07-04 21:44 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 15:52 - 2017-07-26 15:52 - 010631168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-07-26 15:52 - 2017-07-26 15:52 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-07-04 21:46 - 2017-07-04 21:47 - 001199816 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41275.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-07-04 21:46 - 2017-07-04 21:47 - 013207232 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41275.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-07 17:49 - 2017-07-07 17:49 - 027590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 020649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 002305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 002856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-07-04 21:44 - 2017-07-04 21:44 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-04 21:48 - 2017-07-04 21:49 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-06-03 19:07 - 2017-06-03 19:08 - 000680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-07 17:49 - 2017-07-07 17:49 - 001127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-07-04 21:48 - 2017-07-04 21:49 - 001062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-07-26 15:51 - 2017-07-26 15:51 - 024054272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-07-26 15:51 - 2017-07-26 15:51 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-04 21:46 - 2017-07-04 21:46 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 15:52 - 2017-07-26 15:52 - 032960512 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-07-26 15:52 - 2017-07-26 15:52 - 009161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-07-04 21:46 - 2017-07-04 21:46 - 003500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-26 15:52 - 2017-07-26 15:52 - 013154304 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17062.14111.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-06-03 19:48 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\exefile:  <==== ACHTUNG
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\.exe:  =>  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-06-19 14:02 - 000000901 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1 www.driver-soft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nicol\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6102910-red-wallpaper-windows-10.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "MailStylerWarmup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{1466E967-9B26-4815-982D-751F62C0E979}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [UDP Query User{0C02B12D-7E16-4857-AA33-DCF57C6374CA}C:\program files (x86)\sonos\sonos.exe] => (Allow) C:\program files (x86)\sonos\sonos.exe
FirewallRules: [{79FB4F26-BB0F-471A-BE55-A3A926C4213E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{DE55A65B-655C-47FF-BAF0-012FFA6F4459}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{36E76A0E-6B3B-4698-8314-295FBB56C4D1}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe

==================== Wiederherstellungspunkte =========================

11-07-2017 18:15:25 Installed Foxit PhantomPDF Business
01-08-2017 18:50:09 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/01/2017 06:30:02 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (08/01/2017 06:20:28 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/08/01 18:20:28.516]: [00004504]: Failed to launch Main Process.

Error: (08/01/2017 06:20:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/01/2017 06:20:08 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (07/26/2017 03:48:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/07/26 15:48:12.234]: [00011760]: Failed to launch Main Process.

Error: (07/26/2017 03:48:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/24/2017 07:41:05 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (07/24/2017 07:32:50 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/07/24 19:32:50.476]: [00008624]: Failed to launch Main Process.

Error: (07/24/2017 07:32:50 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/24/2017 07:08:26 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]


Systemfehler:
=============
Error: (08/01/2017 06:20:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/01/2017 06:20:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/01/2017 06:19:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/01/2017 06:19:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎01.‎08.‎2017 um 07:11:02 unerwartet heruntergefahren.

Error: (08/01/2017 06:59:56 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/31/2017 06:27:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/31/2017 05:31:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/30/2017 11:58:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/30/2017 09:37:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/28/2017 07:29:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-08-01 20:46:28.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 20:46:28.737
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 19:27:11.890
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:27:11.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:59.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:58.764
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:46.898
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:46.474
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:16:21.516
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:15:50.903
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-4600M APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 7602.6 MB
Verfügbarer physikalischer RAM: 5013.53 MB
Summe virtueller Speicher: 8818.6 MB
Verfügbarer virtueller Speicher: 5976.85 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:488.1 GB) (Free:408.41 GB) NTFS
Drive d: (Ablage) (Fixed) (Total:931.51 GB) (Free:726.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 489 GB) (Disk ID: C4B6C905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=871 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7B7640AA)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

TDSKILLER

Code:

ATTFilter

20:49:59.0480 0x10a8  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
20:50:13.0418 0x10a8  ============================================================
20:50:13.0418 0x10a8  Current date / time: 2017/08/01 20:50:13.0418
20:50:13.0418 0x10a8  SystemInfo:
20:50:13.0419 0x10a8  
20:50:13.0419 0x10a8  OS Version: 10.0.15063 ServicePack: 0.0
20:50:13.0419 0x10a8  Product type: Workstation
20:50:13.0419 0x10a8  ComputerName: DESKTOP-AESMRB4
20:50:13.0419 0x10a8  UserName: Nicol
20:50:13.0419 0x10a8  Windows directory: C:\WINDOWS
20:50:13.0419 0x10a8  System windows directory: C:\WINDOWS
20:50:13.0419 0x10a8  Running under WOW64
20:50:13.0419 0x10a8  Processor architecture: Intel x64
20:50:13.0419 0x10a8  Number of processors: 4
20:50:13.0419 0x10a8  Page size: 0x1000
20:50:13.0419 0x10a8  Boot type: Normal boot
20:50:13.0419 0x10a8  CodeIntegrityOptions = 0x00000001
20:50:13.0419 0x10a8  ============================================================
20:50:13.0536 0x10a8  KLMD registered as C:\WINDOWS\system32\drivers\76854961.sys
20:50:13.0537 0x10a8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
20:50:14.0669 0x10a8  System UUID: {5630DC75-AC8E-E6AC-496D-DF1257AA0EF9}
20:50:15.0745 0x10a8  Drive \Device\Harddisk0\DR0 - Size: 0x7A43282000 ( 489.05 Gb ), SectorSize: 0x200, Cylinders: 0xF961, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:15.0746 0x10a8  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:50:15.0753 0x10a8  ============================================================
20:50:15.0753 0x10a8  \Device\Harddisk0\DR0:
20:50:15.0753 0x10a8  MBR partitions:
20:50:15.0753 0x10a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:50:15.0753 0x10a8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3D031CC2
20:50:15.0753 0x10a8  \Device\Harddisk1\DR1:
20:50:15.0753 0x10a8  MBR partitions:
20:50:15.0753 0x10a8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
20:50:15.0753 0x10a8  ============================================================
20:50:15.0754 0x10a8  C: <-> \Device\Harddisk0\DR0\Partition2
20:50:15.0802 0x10a8  D: <-> \Device\Harddisk1\DR1\Partition1
20:50:15.0802 0x10a8  ============================================================
20:50:15.0802 0x10a8  Initialize success
20:50:15.0802 0x10a8  ============================================================
20:50:28.0930 0x1868  ============================================================
20:50:28.0930 0x1868  Scan started
20:50:28.0930 0x1868  Mode: Manual; 
20:50:28.0930 0x1868  ============================================================
20:50:28.0930 0x1868  KSN ping started
20:50:29.0283 0x1868  KSN ping finished: true
20:50:30.0141 0x1868  ================ Scan system memory ========================
20:50:30.0141 0x1868  System memory - ok
20:50:30.0142 0x1868  ================ Scan services =============================
20:50:30.0202 0x1868  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:50:30.0208 0x1868  1394ohci - ok
20:50:30.0231 0x1868  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:50:30.0234 0x1868  3ware - ok
20:50:30.0260 0x1868  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:50:30.0277 0x1868  ACPI - ok
20:50:30.0321 0x1868  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
20:50:30.0322 0x1868  AcpiDev - ok
20:50:30.0332 0x1868  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:50:30.0335 0x1868  acpiex - ok
20:50:30.0343 0x1868  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:50:30.0344 0x1868  acpipagr - ok
20:50:30.0351 0x1868  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:50:30.0352 0x1868  AcpiPmi - ok
20:50:30.0358 0x1868  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:50:30.0359 0x1868  acpitime - ok
20:50:30.0368 0x1868  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
20:50:30.0369 0x1868  ACPIVPC - ok
20:50:30.0409 0x1868  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:50:30.0435 0x1868  ADP80XX - ok
20:50:30.0462 0x1868  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:50:30.0476 0x1868  AFD - ok
20:50:30.0492 0x1868  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:50:30.0498 0x1868  ahcache - ok
20:50:30.0505 0x1868  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:50:30.0507 0x1868  AJRouter - ok
20:50:30.0516 0x1868  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
20:50:30.0519 0x1868  ALG - ok
20:50:30.0532 0x1868  [ 65C894F15B66ACC19A85946FFA085907, A8B89D9BCD852E7865A8BD3D88E48148B0F0AE523DDC27AD8DC733C9FA048BB0 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:50:30.0538 0x1868  AMD External Events Utility - ok
20:50:30.0544 0x1868  AMD FUEL Service - ok
20:50:30.0555 0x1868  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:50:30.0559 0x1868  AmdK8 - ok
20:50:30.0566 0x1868  amdkmdag - ok
20:50:30.0590 0x1868  [ EC798C417D07CF78A531B9F27A0BB83B, E38F66EBE18CB841D647E06F3AB61600A56718CF23713ED36FF4BC70690D3A86 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:50:30.0605 0x1868  amdkmdap - ok
20:50:30.0615 0x1868  [ 046F999A71546AEA90FFBFF7663F2059, 599265D28C28D2A604151F687148556C8D94EE1B114607A3E97DFEC726C86EFB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
20:50:30.0618 0x1868  amdkmpfd - ok
20:50:30.0629 0x1868  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:50:30.0633 0x1868  AmdPPM - ok
20:50:30.0641 0x1868  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:50:30.0643 0x1868  amdsata - ok
20:50:30.0656 0x1868  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:50:30.0662 0x1868  amdsbs - ok
20:50:30.0670 0x1868  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:50:30.0671 0x1868  amdxata - ok
20:50:30.0679 0x1868  [ A2EFE3869B976296E097DEF368280F95, 121CD4A16146A9DF59D6E415181F48CA0D1DCD4D2B6BC4CBDABC2F3D296E28C6 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
20:50:30.0682 0x1868  amd_sata - ok
20:50:30.0690 0x1868  [ 625396421C29FB305C6C6235D01130B8, 3FAF8D3B530F1B74B2C9B0ED3377836746CE2D0A4008E1BC454095671AC9E1AF ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
20:50:30.0691 0x1868  amd_xata - ok
20:50:30.0702 0x1868  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:50:30.0707 0x1868  AppID - ok
20:50:30.0716 0x1868  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:50:30.0720 0x1868  AppIDSvc - ok
20:50:30.0730 0x1868  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:50:30.0733 0x1868  Appinfo - ok
20:50:30.0745 0x1868  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:50:30.0747 0x1868  Apple Mobile Device Service - ok
20:50:30.0754 0x1868  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
20:50:30.0755 0x1868  applockerfltr - ok
20:50:30.0767 0x1868  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
20:50:30.0773 0x1868  AppMgmt - ok
20:50:30.0794 0x1868  [ FFAE5D5B096BBF43A1E917331727FD17, AF4DB56FEB2D9A671BFE9E0BF9BC89E71A503DBDF2B25CA32FA17948FC38AB0D ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:50:30.0808 0x1868  AppReadiness - ok
20:50:30.0837 0x1868  [ E3404B730D313C5EA99969ACF3B5436B, 02513749EE7C08E4079D2F8B976D53F3CFDD05735C2A813699B6CB9F742F5219 ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
20:50:30.0857 0x1868  AppVClient - ok
20:50:30.0868 0x1868  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
20:50:30.0871 0x1868  AppvStrm - ok
20:50:30.0882 0x1868  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
20:50:30.0886 0x1868  AppvVemgr - ok
20:50:30.0896 0x1868  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
20:50:30.0900 0x1868  AppvVfs - ok
20:50:30.0979 0x1868  [ 4C63CB8375AE0BD0BD6496850D8A14B5, 7E29C8CD1F122CFA917AD835AD4B82B482FD0BEC5F4664816C0A2F39B85F49C4 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:50:31.0042 0x1868  AppXSvc - ok
20:50:31.0059 0x1868  [ 44695679881DEB85CAD7C249B151066E, A44413ACA911DDB5757DE9F9ECC3968979C47617CF9DF81B24E7ECDE7E0D54BC ] APXACC          C:\WINDOWS\system32\DRIVERS\appexDrv.sys
20:50:31.0065 0x1868  APXACC - ok
20:50:31.0074 0x1868  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:50:31.0078 0x1868  arcsas - ok
20:50:31.0084 0x1868  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:50:31.0086 0x1868  AsyncMac - ok
20:50:31.0093 0x1868  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:50:31.0094 0x1868  atapi - ok
20:50:31.0106 0x1868  [ 2A38B5218A7BE3CE0E0B3D92E3844782, 2B0799EF6E5A5EE65AC91E394F6C0EDE95067BB96567FD25DA0C003F9FB7E84E ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
20:50:31.0110 0x1868  AtiHDAudioService - ok
20:50:31.0132 0x1868  [ 435DC20A3642BA5974FC30A6C8AAAB66, 841CFC54B3FC1A07AD3E20FF9FD5B490EA1197E410E16984B4640B2737C210BB ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:50:31.0147 0x1868  AudioEndpointBuilder - ok
20:50:31.0190 0x1868  [ 132A5D82E9BC66F6B013AE28C4A182BC, 2DB8FD551575F3CDA5DD2BFAB5277FE11FC467F9A8B5218D00C1A8DCBF8E0209 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:50:31.0221 0x1868  Audiosrv - ok
20:50:31.0233 0x1868  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:50:31.0237 0x1868  AxInstSV - ok
20:50:31.0257 0x1868  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:50:31.0269 0x1868  b06bdrv - ok
20:50:31.0278 0x1868  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:50:31.0280 0x1868  BasicDisplay - ok
20:50:31.0287 0x1868  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:50:31.0289 0x1868  BasicRender - ok
20:50:31.0302 0x1868  [ 6FED40EC0DB11DF1B2AD08621FBDDED6, 06258C9C9B7C231A6900E1E237001A4E5513F74CEA7B4DFAB56490D455AB0549 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
20:50:31.0307 0x1868  bcbtums - ok
20:50:31.0505 0x1868  [ 626993CA204D0DE1C3023F635C013F2B, 264CF2883EBD7A005AA1D17BAEF367E489F11B93ABDFD0BDF87F50748A82A883 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
20:50:31.0670 0x1868  BCM43XX - ok
20:50:31.0749 0x1868  [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
20:50:31.0801 0x1868  BcmBtRSupport - ok
20:50:31.0811 0x1868  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:50:31.0812 0x1868  bcmfn2 - ok
20:50:31.0828 0x1868  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:50:31.0838 0x1868  BDESVC - ok
20:50:31.0845 0x1868  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:50:31.0846 0x1868  Beep - ok
20:50:31.0873 0x1868  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
20:50:31.0892 0x1868  BFE - ok
20:50:31.0930 0x1868  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
20:50:31.0959 0x1868  BITS - ok
20:50:31.0978 0x1868  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:50:31.0989 0x1868  Bonjour Service - ok
20:50:31.0999 0x1868  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:50:32.0001 0x1868  bowser - ok
20:50:32.0029 0x1868  [ 29052CEB6E1DA5F58D20F7A28F392D5B, AFA283D3F61A9D32BAD3132A24ACC6AC0586803EE5EDF1B11779DEE32B865ABA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:50:32.0049 0x1868  BrokerInfrastructure - ok
20:50:32.0060 0x1868  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
20:50:32.0064 0x1868  Browser - ok
20:50:32.0077 0x1868  [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
20:50:32.0084 0x1868  BrYNSvc - ok
20:50:32.0092 0x1868  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:50:32.0094 0x1868  BthAvrcpTg - ok
20:50:32.0104 0x1868  [ 4C0FCF1BF33A706D2D23C122D5AF990C, 8FF78C6ABF1DB8D9EF318D2C71EA29E65EC80BCA24BC53CE1F521182733383CC ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
20:50:32.0107 0x1868  BthEnum - ok
20:50:32.0116 0x1868  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:50:32.0119 0x1868  BthHFEnum - ok
20:50:32.0127 0x1868  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:50:32.0128 0x1868  bthhfhid - ok
20:50:32.0146 0x1868  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
20:50:32.0156 0x1868  BthHFSrv - ok
20:50:32.0166 0x1868  [ 096C2A149591410A44F1C6CBE4866729, 4ED981A9AA10979C305DEC6E02DD0FF445C64055B5493007BDD5283B4626C0B9 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
20:50:32.0169 0x1868  BthLEEnum - ok
20:50:32.0177 0x1868  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:50:32.0179 0x1868  BTHMODEM - ok
20:50:32.0189 0x1868  [ C6F015FD9D143AE33DB3E9A7A148F3B6, 927F9E07C2D5622238C65E666FE747F52304DE6B97D56BF4921B29634FE57AFF ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
20:50:32.0193 0x1868  BthPan - ok
20:50:32.0224 0x1868  [ E70109BF66B396C5F5FCF87CDB580989, A50E60293242CD58D1D774AB20D3C4024CE9A104D05FFE8516996B7FBCE83AB6 ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
20:50:32.0247 0x1868  BTHPORT - ok
20:50:32.0260 0x1868  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:50:32.0264 0x1868  bthserv - ok
20:50:32.0273 0x1868  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
20:50:32.0276 0x1868  BTHUSB - ok
20:50:32.0287 0x1868  [ 8B8B304DF17084338326BC4ACC2716C5, 426D56742D0E3E8471EE28FC5E0158223826770DF5BED88D5863D265A070A45D ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
20:50:32.0291 0x1868  btwampfl - ok
20:50:32.0303 0x1868  [ 49665DD72F8DB515AB51D04984DB1D38, 8ABE06213D11309E6A2A6C21223852C33E28B4C9A5E9E6CAE20D4F6142F153F2 ] btwaudio        C:\WINDOWS\system32\drivers\btwaudio.sys
20:50:32.0308 0x1868  btwaudio - ok
20:50:32.0320 0x1868  [ 1611FFAFBB372A3BDA5ABDA3F9202882, D491A4F0F59B5C8779169C853F6CF27D13B59135335CCE243D3A54052B7B97A8 ] btwavdt         C:\WINDOWS\System32\drivers\btwavdt.sys
20:50:32.0326 0x1868  btwavdt - ok
20:50:32.0359 0x1868  [ C58D34F917746407D40388E73F052513, 10CF38833470CA428D213B04FA6FE7879DAC8FD8AE68025D1C6B839974DE8870 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
20:50:32.0382 0x1868  btwdins - ok
20:50:32.0393 0x1868  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
20:50:32.0394 0x1868  btwl2cap - ok
20:50:32.0401 0x1868  [ BF79442906F4BB3DC4A81EA6B82EAD60, 2B67731D1C43C83A19CDC4ACE9605C9F3DA7347CC64C420DD00F8828227E939F ] btwrchid        C:\WINDOWS\System32\drivers\btwrchid.sys
20:50:32.0403 0x1868  btwrchid - ok
20:50:32.0411 0x1868  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
20:50:32.0413 0x1868  buttonconverter - ok
20:50:32.0421 0x1868  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
20:50:32.0423 0x1868  CAD - ok
20:50:32.0432 0x1868  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
20:50:32.0436 0x1868  CapImg - ok
20:50:32.0446 0x1868  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:50:32.0449 0x1868  cdfs - ok
20:50:32.0481 0x1868  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
20:50:32.0504 0x1868  CDPSvc - ok
20:50:32.0525 0x1868  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
20:50:32.0525 0x1868  CDPUserSvc - ok
20:50:32.0541 0x1868  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:50:32.0556 0x1868  cdrom - ok
20:50:32.0556 0x1868  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:50:32.0572 0x1868  CertPropSvc - ok
20:50:32.0588 0x1868  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
20:50:32.0588 0x1868  cht4iscsi - ok
20:50:32.0656 0x1868  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
20:50:32.0703 0x1868  cht4vbd - ok
20:50:32.0703 0x1868  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:50:32.0703 0x1868  circlass - ok
20:50:32.0723 0x1868  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
20:50:32.0724 0x1868  CldFlt - ok
20:50:32.0724 0x1868  [ 1BF9D74451B8AF166105E28F1D7A5C27, D76BDE26658AE5A46D15F54F7753D398A9E39B21191A7A8FFA95E1097F52EEB7 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:50:32.0740 0x1868  CLFS - ok
20:50:32.0772 0x1868  [ 4351225ABE115E9B81639CFC87B980BB, 366532C832729982C7485BB43C883E897E2E4C37F4C517A321E18DEBF165C7AC ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
20:50:32.0787 0x1868  ClipSVC - ok
20:50:32.0787 0x1868  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
20:50:32.0787 0x1868  clreg - ok
20:50:32.0819 0x1868  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:50:32.0821 0x1868  CmBatt - ok
20:50:32.0841 0x1868  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:50:32.0856 0x1868  CNG - ok
20:50:32.0856 0x1868  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
20:50:32.0856 0x1868  cnghwassist - ok
20:50:32.0872 0x1868  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
20:50:32.0872 0x1868  CompositeBus - ok
20:50:32.0888 0x1868  COMSysApp - ok
20:50:32.0888 0x1868  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:50:32.0888 0x1868  condrv - ok
20:50:32.0925 0x1868  [ D270EE296EDA16437812C04B4CD61561, 76D974DBFFCE7E7A4DFC7010385FA7FA4FEB9FB2B1C8D13BABFEBABB93DEAC82 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
20:50:32.0941 0x1868  CoreMessagingRegistrar - ok
20:50:32.0956 0x1868  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:50:32.0956 0x1868  CryptSvc - ok
20:50:32.0988 0x1868  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
20:50:32.0988 0x1868  CSC - ok
20:50:33.0025 0x1868  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\WINDOWS\System32\cscsvc.dll
20:50:33.0040 0x1868  CscService - ok
20:50:33.0040 0x1868  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:50:33.0040 0x1868  dam - ok
20:50:33.0087 0x1868  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:50:33.0103 0x1868  DcomLaunch - ok
20:50:33.0125 0x1868  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:50:33.0141 0x1868  defragsvc - ok
20:50:33.0156 0x1868  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:50:33.0172 0x1868  DeviceAssociationService - ok
20:50:33.0172 0x1868  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:50:33.0187 0x1868  DeviceInstall - ok
20:50:33.0203 0x1868  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
20:50:33.0225 0x1868  DevicesFlowUserSvc - ok
20:50:33.0241 0x1868  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
20:50:33.0241 0x1868  DevQueryBroker - ok
20:50:33.0256 0x1868  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:50:33.0256 0x1868  Dfsc - ok
20:50:33.0272 0x1868  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:50:33.0272 0x1868  Dhcp - ok
20:50:33.0288 0x1868  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
20:50:33.0288 0x1868  diagnosticshub.standardcollector.service - ok
20:50:33.0356 0x1868  [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
20:50:33.0403 0x1868  DiagTrack - ok
20:50:33.0424 0x1868  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
20:50:33.0424 0x1868  Disk - ok
20:50:33.0440 0x1868  [ 92DD540BF9B920E2E0127E5884E48BC1, A488D60322B7AB4A64CF785888AD07AE0A1A87876E8C9D6BB06A76EC20AB94DA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
20:50:33.0456 0x1868  DmEnrollmentSvc - ok
20:50:33.0472 0x1868  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:50:33.0472 0x1868  dmvsc - ok
20:50:33.0472 0x1868  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
20:50:33.0487 0x1868  dmwappushservice - ok
20:50:33.0487 0x1868  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:50:33.0503 0x1868  Dnscache - ok
20:50:33.0524 0x1868  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:50:33.0525 0x1868  dot3svc - ok
20:50:33.0541 0x1868  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
20:50:33.0541 0x1868  DPS - ok
20:50:33.0541 0x1868  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
20:50:33.0541 0x1868  drmkaud - ok
20:50:33.0556 0x1868  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:50:33.0556 0x1868  DsmSvc - ok
20:50:33.0572 0x1868  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
20:50:33.0572 0x1868  DsSvc - ok
20:50:33.0588 0x1868  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
20:50:33.0603 0x1868  DusmSvc - ok
20:50:33.0672 0x1868  [ D2D4095909DD26445139EC9B7C86DA5D, 246AF45588B859F3A32152C0CA14A2AD84361B08FDA5430B24E049CEE03B6271 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:50:33.0720 0x1868  DXGKrnl - ok
20:50:33.0725 0x1868  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
20:50:33.0725 0x1868  EapHost - ok
20:50:33.0825 0x1868  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:50:33.0888 0x1868  ebdrv - ok
20:50:33.0903 0x1868  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] EFS             C:\WINDOWS\System32\lsass.exe
20:50:33.0903 0x1868  EFS - ok
20:50:33.0925 0x1868  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:50:33.0925 0x1868  EhStorClass - ok
20:50:33.0925 0x1868  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:50:33.0940 0x1868  EhStorTcgDrv - ok
20:50:33.0940 0x1868  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
20:50:33.0940 0x1868  ElbyCDIO - ok
20:50:33.0956 0x1868  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
20:50:33.0956 0x1868  embeddedmode - ok
20:50:33.0971 0x1868  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
20:50:33.0971 0x1868  EntAppSvc - ok
20:50:33.0987 0x1868  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:50:33.0987 0x1868  ErrDev - ok
20:50:34.0003 0x1868  [ 5C9CA030C451CB3553DB9094C68EE6E9, 0C2E6C874F4B19CA4A603B7767077378ABBDA325D9D73DB971D5DDF52C827745 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
20:50:34.0003 0x1868  ESProtectionDriver - ok
20:50:34.0025 0x1868  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
20:50:34.0041 0x1868  EventSystem - ok
20:50:34.0056 0x1868  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:50:34.0056 0x1868  exfat - ok
20:50:34.0072 0x1868  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:50:34.0087 0x1868  fastfat - ok
20:50:34.0103 0x1868  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:50:34.0125 0x1868  Fax - ok
20:50:34.0125 0x1868  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:50:34.0141 0x1868  fdc - ok
20:50:34.0141 0x1868  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:50:34.0141 0x1868  fdPHost - ok
20:50:34.0156 0x1868  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:50:34.0156 0x1868  FDResPub - ok
20:50:34.0156 0x1868  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:50:34.0172 0x1868  fhsvc - ok
20:50:34.0172 0x1868  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
20:50:34.0172 0x1868  FileCrypt - ok
20:50:34.0187 0x1868  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:50:34.0187 0x1868  FileInfo - ok
20:50:34.0203 0x1868  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:50:34.0203 0x1868  Filetrace - ok
20:50:34.0203 0x1868  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:50:34.0203 0x1868  flpydisk - ok
20:50:34.0225 0x1868  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:50:34.0241 0x1868  FltMgr - ok
20:50:34.0288 0x1868  [ 3020F526B7E94A178D3EBF958397F7BC, DD0105BBEFFA7E1F54BC2199C7DB60F9C650D76DA36598E934F45D44BCE1DE3A ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:50:34.0325 0x1868  FontCache - ok
20:50:34.0341 0x1868  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:50:34.0341 0x1868  FontCache3.0.0.0 - ok
20:50:34.0388 0x1868  [ D9FF7543BBB0D6F173C1D948615E80BD, 515F52C2C8EDAA7B119CF6DD6839182C0802D66004A56BC5F4893F33D7ABB646 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
20:50:34.0426 0x1868  FoxitReaderService - ok
20:50:34.0457 0x1868  [ 2A2EB05E795BBDDAABE82639E9691502, 1115CF68EC7CF9ECDDA7BE84C54F6CB0D871FFA89B127CC3573AB120FD600E51 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll

Nicky_86 · 01.08.2017, 20:09

TDSKILLER fortsetzung

Code:

ATTFilter

20:50:34.0473 0x1868  FrameServer - ok
20:50:34.0473 0x1868  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:50:34.0473 0x1868  FsDepends - ok
20:50:34.0488 0x1868  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:50:34.0488 0x1868  Fs_Rec - ok
20:50:34.0504 0x1868  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:50:34.0526 0x1868  fvevol - ok
20:50:34.0541 0x1868  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:50:34.0541 0x1868  gencounter - ok
20:50:34.0541 0x1868  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
20:50:34.0541 0x1868  genericusbfn - ok
20:50:34.0557 0x1868  [ 4EC6BD4DE93A229498C53D04110FFECB, 251702384FE26485B3DEE7E1033150457F8CC7E7C236D506AE501AE004EF2EF2 ] GoProDeviceDetectionService C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
20:50:34.0557 0x1868  GoProDeviceDetectionService - ok
20:50:34.0572 0x1868  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:50:34.0572 0x1868  GPIOClx0101 - ok
20:50:34.0604 0x1868  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:50:34.0641 0x1868  gpsvc - ok
20:50:34.0641 0x1868  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
20:50:34.0641 0x1868  GpuEnergyDrv - ok
20:50:34.0657 0x1868  [ 02B9639D9997E95CDF2F4C4F3BDCC73D, 612F472A72E44199E0B1ECEE6FF2836359039402212CBD26D1A1CDDAC61052A9 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:50:34.0657 0x1868  HDAudBus - ok
20:50:34.0672 0x1868  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:50:34.0672 0x1868  HidBatt - ok
20:50:34.0672 0x1868  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:50:34.0688 0x1868  HidBth - ok
20:50:34.0688 0x1868  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:50:34.0688 0x1868  hidi2c - ok
20:50:34.0704 0x1868  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
20:50:34.0704 0x1868  hidinterrupt - ok
20:50:34.0704 0x1868  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:50:34.0704 0x1868  HidIr - ok
20:50:34.0725 0x1868  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:50:34.0726 0x1868  hidserv - ok
20:50:34.0726 0x1868  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:50:34.0726 0x1868  HidUsb - ok
20:50:34.0741 0x1868  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:50:34.0741 0x1868  HomeGroupListener - ok
20:50:34.0773 0x1868  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:50:34.0773 0x1868  HomeGroupProvider - ok
20:50:34.0788 0x1868  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:50:34.0788 0x1868  HpSAMD - ok
20:50:34.0826 0x1868  [ BB1AE72906564A6E81B79D73A05AE21F, 9BAC18FE0F99479E7B2AB804A0B4C286E55155A8C051CC7D20CE94798EEA0721 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:50:34.0842 0x1868  HTTP - ok
20:50:34.0857 0x1868  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
20:50:34.0857 0x1868  HvHost - ok
20:50:34.0873 0x1868  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
20:50:34.0873 0x1868  hvservice - ok
20:50:34.0873 0x1868  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:50:34.0873 0x1868  hwpolicy - ok
20:50:34.0889 0x1868  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:50:34.0889 0x1868  hyperkbd - ok
20:50:34.0889 0x1868  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:50:34.0904 0x1868  i8042prt - ok
20:50:34.0904 0x1868  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
20:50:34.0904 0x1868  iagpio - ok
20:50:34.0921 0x1868  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
20:50:34.0924 0x1868  iai2c - ok
20:50:34.0926 0x1868  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
20:50:34.0926 0x1868  iaLPSS2i_GPIO2 - ok
20:50:34.0942 0x1868  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
20:50:34.0942 0x1868  iaLPSS2i_GPIO2_BXT_P - ok
20:50:34.0942 0x1868  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
20:50:34.0957 0x1868  iaLPSS2i_I2C - ok
20:50:34.0957 0x1868  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
20:50:34.0957 0x1868  iaLPSS2i_I2C_BXT_P - ok
20:50:34.0973 0x1868  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:50:34.0973 0x1868  iaLPSSi_GPIO - ok
20:50:34.0988 0x1868  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:50:34.0988 0x1868  iaLPSSi_I2C - ok
20:50:35.0004 0x1868  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:50:35.0026 0x1868  iaStorAV - ok
20:50:35.0041 0x1868  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:50:35.0041 0x1868  iaStorV - ok
20:50:35.0073 0x1868  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
20:50:35.0073 0x1868  ibbus - ok
20:50:35.0088 0x1868  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
20:50:35.0088 0x1868  icssvc - ok
20:50:35.0104 0x1868  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:50:35.0104 0x1868  IDriverT - ok
20:50:35.0142 0x1868  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:50:35.0157 0x1868  IKEEXT - ok
20:50:35.0157 0x1868  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
20:50:35.0173 0x1868  IndirectKmd - ok
20:50:35.0258 0x1868  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:50:35.0342 0x1868  IntcAzAudAddService - ok
20:50:35.0373 0x1868  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:50:35.0373 0x1868  intelide - ok
20:50:35.0373 0x1868  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:50:35.0373 0x1868  intelpep - ok
20:50:35.0389 0x1868  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:50:35.0389 0x1868  intelppm - ok
20:50:35.0405 0x1868  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
20:50:35.0405 0x1868  iorate - ok
20:50:35.0421 0x1868  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:50:35.0424 0x1868  IpFilterDriver - ok
20:50:35.0442 0x1868  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:50:35.0473 0x1868  iphlpsvc - ok
20:50:35.0473 0x1868  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:50:35.0473 0x1868  IPMIDRV - ok
20:50:35.0489 0x1868  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:50:35.0489 0x1868  IPNAT - ok
20:50:35.0524 0x1868  [ 8A2A79444C72D6342976724F6908495B, 11F1246457C2171BA73C9B2BB78BC88662B3DD174C0249980528911F794C6A62 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:50:35.0526 0x1868  iPod Service - ok
20:50:35.0542 0x1868  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
20:50:35.0542 0x1868  IpxlatCfgSvc - ok
20:50:35.0558 0x1868  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
20:50:35.0558 0x1868  irda - ok
20:50:35.0558 0x1868  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:50:35.0558 0x1868  IRENUM - ok
20:50:35.0573 0x1868  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
20:50:35.0573 0x1868  irmon - ok
20:50:35.0573 0x1868  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:50:35.0573 0x1868  isapnp - ok
20:50:35.0589 0x1868  [ B6BA01EA6B2CCCB90A6FDCFF68F4A992, 7F45A015D413DCAF8551FD229A7C03F6ADD66467B4C37155E300E0777DDE5E8B ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:50:35.0605 0x1868  iScsiPrt - ok
20:50:35.0605 0x1868  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:50:35.0605 0x1868  kbdclass - ok
20:50:35.0622 0x1868  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:50:35.0624 0x1868  kbdhid - ok
20:50:35.0627 0x1868  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
20:50:35.0627 0x1868  kdnic - ok
20:50:35.0627 0x1868  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:50:35.0642 0x1868  KeyIso - ok
20:50:35.0642 0x1868  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:50:35.0642 0x1868  KSecDD - ok
20:50:35.0658 0x1868  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:50:35.0658 0x1868  KSecPkg - ok
20:50:35.0674 0x1868  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:50:35.0674 0x1868  ksthunk - ok
20:50:35.0689 0x1868  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:50:35.0689 0x1868  KtmRm - ok
20:50:35.0705 0x1868  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:50:35.0725 0x1868  LanmanServer - ok
20:50:35.0727 0x1868  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:50:35.0742 0x1868  LanmanWorkstation - ok
20:50:35.0742 0x1868  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:50:35.0758 0x1868  lfsvc - ok
20:50:35.0758 0x1868  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\WINDOWS\system32\DRIVERS\LhdX64.sys
20:50:35.0758 0x1868  LHDmgr - ok
20:50:35.0774 0x1868  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:50:35.0774 0x1868  LicenseManager - ok
20:50:35.0774 0x1868  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:50:35.0774 0x1868  lltdio - ok
20:50:35.0789 0x1868  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:50:35.0805 0x1868  lltdsvc - ok
20:50:35.0805 0x1868  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:50:35.0805 0x1868  lmhosts - ok
20:50:35.0827 0x1868  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:50:35.0827 0x1868  LSI_SAS - ok
20:50:35.0827 0x1868  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:50:35.0843 0x1868  LSI_SAS2i - ok
20:50:35.0843 0x1868  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:50:35.0843 0x1868  LSI_SAS3i - ok
20:50:35.0858 0x1868  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:50:35.0858 0x1868  LSI_SSS - ok
20:50:35.0889 0x1868  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
20:50:35.0905 0x1868  LSM - ok
20:50:35.0922 0x1868  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:50:35.0926 0x1868  luafv - ok
20:50:35.0927 0x1868  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:50:35.0927 0x1868  MapsBroker - ok
20:50:35.0958 0x1868  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
20:50:35.0958 0x1868  mausbhost - ok
20:50:35.0974 0x1868  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
20:50:35.0974 0x1868  mausbip - ok
20:50:35.0989 0x1868  [ 0C847B9BD2D1F1E97037F8C3DA6D5A1B, B2405BBAFBE78DF554B963C53DE843419AE873B82A1B0C2FA8D1779D1CC142BE ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
20:50:35.0989 0x1868  MBAMChameleon - ok
20:50:36.0005 0x1868  [ 19956478146DC7884812C24B74D7132E, D6795397398C942530B8618F15B7BE6FDB84BAD61DE1B61A9AB85EBCB29EAEF3 ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
20:50:36.0005 0x1868  MBAMFarflt - ok
20:50:36.0021 0x1868  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\WINDOWS\system32\drivers\mbam.sys
20:50:36.0022 0x1868  MBAMProtection - ok
20:50:36.0143 0x1868  [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
20:50:36.0243 0x1868  MBAMService - ok
20:50:36.0259 0x1868  [ C3549BE8C1FE4ECBEE21DAD3378F6CD0, E4FB6856C1A8B9185322EFC4AF31A3748365ED2E3E4FB6DF57B35569D8D42AAD ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
20:50:36.0274 0x1868  MBAMSwissArmy - ok
20:50:36.0274 0x1868  [ 56D97EB1ACE0B76D500E7E1F1AB72023, 37A3103598CF739B36E370E2033BA208C499D6479F661820AA1708212D20FAFC ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
20:50:36.0274 0x1868  MBAMWebProtection - ok
20:50:36.0290 0x1868  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:50:36.0290 0x1868  megasas - ok
20:50:36.0305 0x1868  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
20:50:36.0305 0x1868  megasas2i - ok
20:50:36.0327 0x1868  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:50:36.0343 0x1868  megasr - ok
20:50:36.0343 0x1868  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
20:50:36.0343 0x1868  MessagingService - ok
20:50:36.0374 0x1868  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
20:50:36.0406 0x1868  mlx4_bus - ok
20:50:36.0406 0x1868  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
20:50:36.0406 0x1868  MMCSS - ok
20:50:36.0423 0x1868  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:50:36.0425 0x1868  Modem - ok
20:50:36.0428 0x1868  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:50:36.0428 0x1868  monitor - ok
20:50:36.0428 0x1868  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:50:36.0428 0x1868  mouclass - ok
20:50:36.0443 0x1868  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:50:36.0443 0x1868  mouhid - ok
20:50:36.0459 0x1868  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:50:36.0459 0x1868  mountmgr - ok
20:50:36.0475 0x1868  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:50:36.0475 0x1868  MozillaMaintenance - ok
20:50:36.0490 0x1868  [ AA12FAF01013F63348B722D3588550FF, AADE8C93BFE0830AE43AD649F62D7D7E25FC14107B172815EF9F4069C19ADFCC ] MpKsla5c7b09a   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD07DC27-EBD0-428A-8F0D-45AFA196B49F}\MpKsla5c7b09a.sys
20:50:36.0490 0x1868  MpKsla5c7b09a - ok
20:50:36.0490 0x1868  [ AA12FAF01013F63348B722D3588550FF, AADE8C93BFE0830AE43AD649F62D7D7E25FC14107B172815EF9F4069C19ADFCC ] MpKsldb3329ac   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B4D014A-EE80-4A34-B02B-1FFCEDE34D12}\MpKsldb3329ac.sys
20:50:36.0490 0x1868  MpKsldb3329ac - ok
20:50:36.0506 0x1868  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:50:36.0506 0x1868  mpsdrv - ok
20:50:36.0544 0x1868  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:50:36.0575 0x1868  MpsSvc - ok
20:50:36.0591 0x1868  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:50:36.0591 0x1868  MRxDAV - ok
20:50:36.0606 0x1868  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:50:36.0627 0x1868  mrxsmb - ok
20:50:36.0644 0x1868  [ 84700F40C0E41AEA91F8F3D6218A8A68, 72BB529367095EE19F299232648B7E347590C9F4F89DE3FDA41724BFCAC1F49C ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:50:36.0644 0x1868  mrxsmb10 - ok
20:50:36.0659 0x1868  [ B855479BA6A74349CEF8061808C90201, BA70A9EBC2E2895419C5D46806153DCA061E3C836F3D97A622E7672140107F81 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:50:36.0659 0x1868  mrxsmb20 - ok
20:50:36.0675 0x1868  [ 670E6CFDA70C106342C0D63D014B6822, 8178C9E02CBE52F45C28ACC643287D8DA46FCED88D63957E3ABEAD9393B5827E ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:50:36.0675 0x1868  MsBridge - ok
20:50:36.0690 0x1868  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:50:36.0690 0x1868  MSDTC - ok
20:50:36.0706 0x1868  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:50:36.0706 0x1868  Msfs - ok
20:50:36.0728 0x1868  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:50:36.0728 0x1868  msgpiowin32 - ok
20:50:36.0728 0x1868  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:50:36.0728 0x1868  mshidkmdf - ok
20:50:36.0743 0x1868  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:50:36.0743 0x1868  mshidumdf - ok
20:50:36.0759 0x1868  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:50:36.0759 0x1868  msisadrv - ok
20:50:36.0759 0x1868  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:50:36.0775 0x1868  MSiSCSI - ok
20:50:36.0775 0x1868  msiserver - ok
20:50:36.0790 0x1868  [ C2939119A17E52D74191EFC1E4CDEE09, B5738A32B02CDD816F086BA84C733D9597A0193F42C068D7B90E386D1CA92EE1 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
20:50:36.0790 0x1868  MSKSSRV - ok
20:50:36.0790 0x1868  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:50:36.0806 0x1868  MsLldp - ok
20:50:36.0806 0x1868  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
20:50:36.0806 0x1868  MSPCLOCK - ok
20:50:36.0823 0x1868  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
20:50:36.0824 0x1868  MSPQM - ok
20:50:36.0828 0x1868  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:50:36.0843 0x1868  MsRPC - ok
20:50:36.0859 0x1868  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
20:50:36.0859 0x1868  MsSecFlt - ok
20:50:36.0875 0x1868  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:50:36.0875 0x1868  mssmbios - ok
20:50:36.0890 0x1868  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
20:50:36.0890 0x1868  MSTEE - ok
20:50:36.0890 0x1868  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:50:36.0890 0x1868  MTConfig - ok
20:50:36.0906 0x1868  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:50:36.0906 0x1868  Mup - ok
20:50:36.0925 0x1868  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:50:36.0927 0x1868  mvumis - ok
20:50:36.0943 0x1868  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:50:36.0958 0x1868  NativeWifiP - ok
20:50:36.0990 0x1868  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
20:50:37.0005 0x1868  NaturalAuthentication - ok
20:50:37.0005 0x1868  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:50:37.0026 0x1868  NcaSvc - ok
20:50:37.0027 0x1868  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:50:37.0043 0x1868  NcbService - ok
20:50:37.0059 0x1868  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:50:37.0059 0x1868  NcdAutoSetup - ok
20:50:37.0059 0x1868  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
20:50:37.0074 0x1868  ndfltr - ok
20:50:37.0106 0x1868  [ 59F3D5FEF4A24871C07C279762DA8624, 00DD19E3FBC7FCFE2768409E2B4AE931205D53A22072D958950E8FBA1D14F071 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:50:37.0127 0x1868  NDIS - ok
20:50:37.0143 0x1868  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:50:37.0143 0x1868  NdisCap - ok
20:50:37.0159 0x1868  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
20:50:37.0159 0x1868  NdisImPlatform - ok
20:50:37.0174 0x1868  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:50:37.0174 0x1868  NdisTapi - ok
20:50:37.0174 0x1868  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
20:50:37.0174 0x1868  Ndisuio - ok
20:50:37.0190 0x1868  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:50:37.0190 0x1868  NdisVirtualBus - ok
20:50:37.0190 0x1868  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
20:50:37.0206 0x1868  NdisWan - ok
20:50:37.0206 0x1868  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:50:37.0225 0x1868  ndiswanlegacy - ok
20:50:37.0227 0x1868  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
20:50:37.0227 0x1868  ndproxy - ok
20:50:37.0243 0x1868  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:50:37.0243 0x1868  Ndu - ok
20:50:37.0243 0x1868  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
20:50:37.0259 0x1868  NetAdapterCx - ok
20:50:37.0259 0x1868  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
20:50:37.0259 0x1868  NetBIOS - ok
20:50:37.0274 0x1868  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:50:37.0290 0x1868  NetBT - ok
20:50:37.0290 0x1868  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:50:37.0305 0x1868  Netlogon - ok
20:50:37.0305 0x1868  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
20:50:37.0327 0x1868  Netman - ok
20:50:37.0343 0x1868  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:50:37.0359 0x1868  netprofm - ok
20:50:37.0359 0x1868  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:50:37.0374 0x1868  NetSetupSvc - ok
20:50:37.0390 0x1868  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:50:37.0390 0x1868  NetTcpPortSharing - ok
20:50:37.0390 0x1868  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
20:50:37.0405 0x1868  netvsc - ok
20:50:37.0427 0x1868  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
20:50:37.0427 0x1868  NgcCtnrSvc - ok
20:50:37.0459 0x1868  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
20:50:37.0490 0x1868  NgcSvc - ok
20:50:37.0505 0x1868  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:50:37.0521 0x1868  NlaSvc - ok
20:50:37.0527 0x1868  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:50:37.0527 0x1868  Npfs - ok
20:50:37.0527 0x1868  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:50:37.0527 0x1868  npsvctrig - ok
20:50:37.0543 0x1868  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:50:37.0543 0x1868  nsi - ok
20:50:37.0558 0x1868  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:50:37.0558 0x1868  nsiproxy - ok
20:50:37.0625 0x1868  [ 8D72D5038C5F91AFEF1B160FE524C2D9, 7F9913B6BC87DDCCA2A684CD211B8CB6EE7116BFEA162DD19185E6003576C1F7 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
20:50:37.0674 0x1868  NTFS - ok
20:50:37.0690 0x1868  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:50:37.0690 0x1868  Null - ok
20:50:37.0690 0x1868  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
20:50:37.0690 0x1868  nvdimmn - ok
20:50:37.0705 0x1868  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:50:37.0705 0x1868  nvraid - ok
20:50:37.0727 0x1868  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:50:37.0727 0x1868  nvstor - ok
20:50:37.0743 0x1868  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
20:50:37.0743 0x1868  OneSyncSvc - ok
20:50:37.0805 0x1868  [ B6E9720BCC75FBEE342C59F62AF4871F, 43666A04039A969CE896B00F0CC07462145B7CB6DA887E164602C02DE8A40E76 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
20:50:37.0858 0x1868  Origin Client Service - ok
20:50:37.0958 0x1868  [ 2F5BAC241E4B1F68F00185F46F081F24, B42A91655EE1707A38F48ABDCC99B3C17FDA556DC4D521A1B94004CE82C59CCA ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
20:50:38.0027 0x1868  Origin Web Helper Service - ok
20:50:38.0058 0x1868  [ 58327B7E7C4E325C66B7C4A5220CE5F4, FF66411B23A195CA3C64F5409F2E2C6F88CB01034A4C9DDCA565DE0E144ABC13 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:50:38.0058 0x1868  ose64 - ok
20:50:38.0090 0x1868  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
20:50:38.0105 0x1868  p2pimsvc - ok
20:50:38.0127 0x1868  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:50:38.0127 0x1868  p2psvc - ok
20:50:38.0143 0x1868  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
20:50:38.0143 0x1868  Parport - ok
20:50:38.0159 0x1868  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
20:50:38.0159 0x1868  partmgr - ok
20:50:38.0190 0x1868  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
20:50:38.0190 0x1868  PcaSvc - ok
20:50:38.0221 0x1868  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:50:38.0228 0x1868  pci - ok
20:50:38.0228 0x1868  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
20:50:38.0228 0x1868  pciide - ok
20:50:38.0243 0x1868  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
20:50:38.0243 0x1868  pcmcia - ok
20:50:38.0259 0x1868  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
20:50:38.0259 0x1868  pcw - ok
20:50:38.0275 0x1868  [ 10E48E45A03A7F4C2B7C11738BE87816, 44870E26C3B75D51F5035DE78E62F3EFF222D314DAACBD60AE40BF34BC706F2E ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
20:50:38.0275 0x1868  pdc - ok
20:50:38.0306 0x1868  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
20:50:38.0323 0x1868  PEAUTH - ok
20:50:38.0375 0x1868  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
20:50:38.0428 0x1868  PeerDistSvc - ok
20:50:38.0428 0x1868  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
20:50:38.0444 0x1868  percsas2i - ok
20:50:38.0444 0x1868  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
20:50:38.0444 0x1868  percsas3i - ok
20:50:38.0475 0x1868  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:50:38.0475 0x1868  PerfHost - ok
20:50:38.0506 0x1868  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
20:50:38.0529 0x1868  PhoneSvc - ok
20:50:38.0544 0x1868  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
20:50:38.0560 0x1868  PimIndexMaintenanceSvc - ok
20:50:38.0591 0x1868  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
20:50:38.0629 0x1868  pla - ok
20:50:38.0644 0x1868  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
20:50:38.0644 0x1868  PlugPlay - ok
20:50:38.0660 0x1868  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
20:50:38.0660 0x1868  pmem - ok
20:50:38.0676 0x1868  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:50:38.0676 0x1868  PNRPAutoReg - ok
20:50:38.0691 0x1868  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
20:50:38.0707 0x1868  PNRPsvc - ok
20:50:38.0728 0x1868  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
20:50:38.0729 0x1868  PolicyAgent - ok
20:50:38.0760 0x1868  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
20:50:38.0776 0x1868  Power - ok
20:50:38.0776 0x1868  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
20:50:38.0776 0x1868  PptpMiniport - ok
20:50:38.0860 0x1868  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
20:50:38.0929 0x1868  PrintNotify - ok
20:50:38.0945 0x1868  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
20:50:38.0945 0x1868  Processor - ok
20:50:38.0960 0x1868  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
20:50:38.0976 0x1868  ProfSvc - ok
20:50:38.0991 0x1868  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
20:50:38.0991 0x1868  Psched - ok
20:50:39.0007 0x1868  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:50:39.0007 0x1868  QWAVE - ok
20:50:39.0027 0x1868  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:50:39.0029 0x1868  QWAVEdrv - ok
20:50:39.0029 0x1868  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:50:39.0029 0x1868  RasAcd - ok
20:50:39.0044 0x1868  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
20:50:39.0044 0x1868  RasAgileVpn - ok
20:50:39.0060 0x1868  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:50:39.0060 0x1868  RasAuto - ok
20:50:39.0076 0x1868  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
20:50:39.0076 0x1868  Rasl2tp - ok
20:50:39.0107 0x1868  [ D5E9823BC7CD1149917CC49AD4052D94, 4A40400FC1B43EF3EADA420F9898AF2A24585199B6F11AA8C2E7E15E2CDA3BAA ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:50:39.0129 0x1868  RasMan - ok
20:50:39.0129 0x1868  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:50:39.0129 0x1868  RasPppoe - ok
20:50:39.0144 0x1868  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
20:50:39.0144 0x1868  RasSstp - ok
20:50:39.0160 0x1868  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:50:39.0176 0x1868  rdbss - ok
20:50:39.0191 0x1868  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:50:39.0191 0x1868  rdpbus - ok
20:50:39.0207 0x1868  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:50:39.0207 0x1868  RDPDR - ok
20:50:39.0227 0x1868  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:50:39.0228 0x1868  RdpVideoMiniport - ok
20:50:39.0229 0x1868  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:50:39.0245 0x1868  rdyboost - ok
20:50:39.0291 0x1868  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
20:50:39.0329 0x1868  ReFS - ok
20:50:39.0360 0x1868  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
20:50:39.0376 0x1868  ReFSv1 - ok
20:50:39.0391 0x1868  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:50:39.0407 0x1868  RemoteAccess - ok
20:50:39.0429 0x1868  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:50:39.0429 0x1868  RemoteRegistry - ok
20:50:39.0445 0x1868  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
20:50:39.0460 0x1868  RetailDemo - ok
20:50:39.0476 0x1868  [ 5F44B0167AA65BFFC778227725CB258C, 00027F82639C7E054CF42179A26B5D43FD789C943979EF3F29BC364319A2D306 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
20:50:39.0476 0x1868  RFCOMM - ok
20:50:39.0492 0x1868  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
20:50:39.0492 0x1868  RmSvc - ok
20:50:39.0507 0x1868  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:50:39.0507 0x1868  RpcEptMapper - ok
20:50:39.0524 0x1868  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:50:39.0527 0x1868  RpcLocator - ok
20:50:39.0545 0x1868  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:50:39.0576 0x1868  RpcSs - ok
20:50:39.0592 0x1868  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:50:39.0592 0x1868  rspndr - ok
20:50:39.0607 0x1868  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
20:50:39.0629 0x1868  rt640x64 - ok
20:50:39.0645 0x1868  [ 03E76CF0657BCABA2D7F7EE4384E6562, DCCAA648A34358B3DDBF908E2136C4A3460A297AC9E001B6709C65A9F320EB07 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
20:50:39.0645 0x1868  RTSUER - ok
20:50:39.0661 0x1868  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:50:39.0661 0x1868  s3cap - ok
20:50:39.0661 0x1868  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] SamSs           C:\WINDOWS\system32\lsass.exe
20:50:39.0676 0x1868  SamSs - ok
20:50:39.0676 0x1868  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:50:39.0676 0x1868  sbp2port - ok
20:50:39.0692 0x1868  [ 53F03A8A228D6C8016139A4B2583A2D8, 8EA046C7537B2D926D3AE1F058A9880F823EBEA6DC77F312082EDE1722F08236 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:50:39.0707 0x1868  SCardSvr - ok
20:50:39.0724 0x1868  [ CBCC25CDF5D30ACB253CC92ADC7D569C, 0DF0DE3B0F0007E4F3D663EB7CC503C38B5A99F5859A6BD8564F8153F1D925D5 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:50:39.0729 0x1868  ScDeviceEnum - ok
20:50:39.0729 0x1868  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:50:39.0729 0x1868  scfilter - ok
20:50:39.0760 0x1868  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:50:39.0791 0x1868  Schedule - ok
20:50:39.0807 0x1868  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
20:50:39.0807 0x1868  scmbus - ok
20:50:39.0824 0x1868  [ 62E13528B9F900A5662E243D4315F10B, B3F4868E80A3A2EDEC19E5AA32C96FF90B08D6B9BD35B80EA01E6A098D46040B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:50:39.0829 0x1868  SCPolicySvc - ok
20:50:39.0829 0x1868  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:50:39.0845 0x1868  sdbus - ok
20:50:39.0845 0x1868  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
20:50:39.0845 0x1868  SDFRd - ok
20:50:39.0861 0x1868  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
20:50:39.0861 0x1868  SDRSVC - ok
20:50:39.0876 0x1868  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:50:39.0876 0x1868  sdstor - ok
20:50:39.0892 0x1868  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:50:39.0892 0x1868  seclogon - ok
20:50:39.0907 0x1868  [ 1D4F5F50BEA1329FAEFA5D15F683F87F, C5E0BFFB4E4589AAD87D8BA0F779DC94ED6F85A8003B71D0A858CC32912A3F0F ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
20:50:39.0907 0x1868  SecurityHealthService - ok
20:50:39.0944 0x1868  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
20:50:39.0976 0x1868  SEMgrSvc - ok
20:50:39.0991 0x1868  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
20:50:39.0991 0x1868  SENS - ok
20:50:39.0991 0x1868  Sense - ok
20:50:40.0029 0x1868  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
20:50:40.0060 0x1868  SensorDataService - ok
20:50:40.0092 0x1868  [ AA4BA5CCB3B01E23605ACE13F4A94ECE, 7D8374FA03C33CFC7EA7CF680F81B0090AB22076E389EB6B6233F696FC63E1B0 ] SensorService   C:\WINDOWS\system32\SensorService.dll
20:50:40.0107 0x1868  SensorService - ok
20:50:40.0107 0x1868  [ 00897F867A525D2118DF98E2DCADA050, ADAEB414EE5F3EFE90AE8A56136FB0165CF68962661FE0B937150235DE1F4DE6 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:50:40.0129 0x1868  SensrSvc - ok
20:50:40.0129 0x1868  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:50:40.0129 0x1868  SerCx - ok
20:50:40.0145 0x1868  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:50:40.0145 0x1868  SerCx2 - ok
20:50:40.0161 0x1868  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:50:40.0161 0x1868  Serenum - ok
20:50:40.0161 0x1868  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:50:40.0176 0x1868  Serial - ok
20:50:40.0176 0x1868  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:50:40.0176 0x1868  sermouse - ok
20:50:40.0245 0x1868  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:50:40.0261 0x1868  SessionEnv - ok
20:50:40.0276 0x1868  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:50:40.0276 0x1868  sfloppy - ok
20:50:40.0292 0x1868  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:50:40.0307 0x1868  SharedAccess - ok
20:50:40.0329 0x1868  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:50:40.0345 0x1868  ShellHWDetection - ok
20:50:40.0361 0x1868  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
20:50:40.0361 0x1868  shpamsvc - ok
20:50:40.0376 0x1868  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:50:40.0376 0x1868  SiSRaid2 - ok
20:50:40.0376 0x1868  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:50:40.0392 0x1868  SiSRaid4 - ok
20:50:40.0392 0x1868  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
20:50:40.0392 0x1868  smphost - ok
20:50:40.0428 0x1868  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:50:40.0445 0x1868  SmsRouter - ok
20:50:40.0461 0x1868  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:50:40.0461 0x1868  SNMPTRAP - ok
20:50:40.0476 0x1868  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:50:40.0492 0x1868  spaceport - ok
20:50:40.0508 0x1868  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
20:50:40.0508 0x1868  SpatialGraphFilter - ok
20:50:40.0528 0x1868  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:50:40.0530 0x1868  SpbCx - ok
20:50:40.0561 0x1868  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
20:50:40.0577 0x1868  spectrum - ok
20:50:40.0608 0x1868  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\SysWOW64\speedfan.sys
20:50:40.0608 0x1868  speedfan - ok
20:50:40.0630 0x1868  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:50:40.0645 0x1868  Spooler - ok
20:50:40.0761 0x1868  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:50:40.0868 0x1868  sppsvc - ok
20:50:40.0890 0x1868  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:50:40.0890 0x1868  srv - ok
20:50:40.0921 0x1868  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:50:40.0937 0x1868  srv2 - ok
20:50:40.0952 0x1868  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:50:40.0952 0x1868  srvnet - ok
20:50:40.0968 0x1868  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:50:40.0983 0x1868  SSDPSRV - ok
20:50:40.0990 0x1868  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:50:40.0990 0x1868  SstpSvc - ok
20:50:41.0136 0x1868  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:50:41.0252 0x1868  StateRepository - ok
20:50:41.0305 0x1868  [ 03404CCE10E4A207953E954C2AF8D41E, 380841C60C7730E14F81C2E2D011E944BE45CA082997B82A4859C2E49F812D01 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:50:41.0336 0x1868  Steam Client Service - ok
20:50:41.0352 0x1868  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:50:41.0352 0x1868  stexstor - ok
20:50:41.0352 0x1868  [ 01726E4BD1D1A5AF1F23833C79528555, 736DDA82BF17880A2C596571CBCA4C8E3829526AACC3C50B9E2D3A0DA9744E41 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
20:50:41.0352 0x1868  StillCam - ok
20:50:41.0387 0x1868  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:50:41.0390 0x1868  stisvc - ok
20:50:41.0405 0x1868  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:50:41.0405 0x1868  storahci - ok
20:50:41.0421 0x1868  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:50:41.0421 0x1868  storflt - ok
20:50:41.0437 0x1868  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:50:41.0437 0x1868  stornvme - ok
20:50:41.0437 0x1868  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:50:41.0437 0x1868  storqosflt - ok
20:50:41.0468 0x1868  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:50:41.0490 0x1868  StorSvc - ok
20:50:41.0490 0x1868  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:50:41.0505 0x1868  storufs - ok
20:50:41.0505 0x1868  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:50:41.0505 0x1868  storvsc - ok
20:50:41.0521 0x1868  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:50:41.0521 0x1868  svsvc - ok
20:50:41.0521 0x1868  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:50:41.0521 0x1868  swenum - ok
20:50:41.0552 0x1868  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
20:50:41.0552 0x1868  swprv - ok
20:50:41.0568 0x1868  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:50:41.0568 0x1868  Synth3dVsc - ok
20:50:41.0590 0x1868  [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:50:41.0606 0x1868  SynTP - ok
20:50:41.0621 0x1868  [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
20:50:41.0637 0x1868  SynTPEnhService - ok
20:50:41.0668 0x1868  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:50:41.0690 0x1868  SysMain - ok
20:50:41.0721 0x1868  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:50:41.0721 0x1868  SystemEventsBroker - ok
20:50:41.0737 0x1868  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:50:41.0737 0x1868  TabletInputService - ok
20:50:41.0768 0x1868  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:50:41.0768 0x1868  TapiSrv - ok
20:50:41.0853 0x1868  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:50:41.0906 0x1868  Tcpip - ok
20:50:41.0969 0x1868  [ DC0D1B5284152315F81894DAABBB2AF3, 8FE66A87910959EDE865FD296878FFFDB5D3100F9041C74060FC2CE19E29C3B2 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:50:42.0022 0x1868  Tcpip6 - ok
20:50:42.0038 0x1868  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:50:42.0053 0x1868  tcpipreg - ok
20:50:42.0053 0x1868  [ 892AB2637603A5E9507C39E61101C3C3, 04B06BBEFC033BC9395123AE623E0BB3A241F05AA93EA2625CF2DBE1B3FFD1B6 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:50:42.0069 0x1868  tdx - ok
20:50:42.0069 0x1868  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:50:42.0069 0x1868  terminpt - ok
20:50:42.0106 0x1868  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:50:42.0122 0x1868  TermService - ok
20:50:42.0137 0x1868  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:50:42.0137 0x1868  Themes - ok
20:50:42.0153 0x1868  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:50:42.0168 0x1868  TieringEngineService - ok
20:50:42.0190 0x1868  [ 4F9A5CE9F3C75AF1EE4B00D5E69F7CF7, 5FEE41C10629E89BD372E5D6C05A78FC0F2C394F4DE7C70AACC8720C6C6590DA ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:50:42.0206 0x1868  tiledatamodelsvc - ok
20:50:42.0206 0x1868  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
20:50:42.0222 0x1868  TimeBrokerSvc - ok
20:50:42.0253 0x1868  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
20:50:42.0268 0x1868  TokenBroker - ok
20:50:42.0290 0x1868  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:50:42.0290 0x1868  TPM - ok
20:50:42.0306 0x1868  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:50:42.0306 0x1868  TrkWks - ok
20:50:42.0321 0x1868  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:50:42.0321 0x1868  TrustedInstaller - ok
20:50:42.0337 0x1868  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:50:42.0337 0x1868  TsUsbFlt - ok
20:50:42.0337 0x1868  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:50:42.0337 0x1868  TsUsbGD - ok
20:50:42.0353 0x1868  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
20:50:42.0353 0x1868  tsusbhub - ok
20:50:42.0368 0x1868  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:50:42.0368 0x1868  tunnel - ok
20:50:42.0390 0x1868  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:50:42.0391 0x1868  tzautoupdate - ok
20:50:42.0391 0x1868  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:50:42.0391 0x1868  UASPStor - ok
20:50:42.0406 0x1868  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:50:42.0406 0x1868  UcmCx0101 - ok
20:50:42.0422 0x1868  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
20:50:42.0437 0x1868  UcmTcpciCx0101 - ok
20:50:42.0437 0x1868  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:50:42.0437 0x1868  UcmUcsi - ok
20:50:42.0453 0x1868  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:50:42.0469 0x1868  Ucx01000 - ok
20:50:42.0469 0x1868  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:50:42.0485 0x1868  UdeCx - ok
20:50:42.0490 0x1868  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:50:42.0506 0x1868  udfs - ok
20:50:42.0522 0x1868  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:50:42.0522 0x1868  UEFI - ok
20:50:42.0538 0x1868  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
20:50:42.0538 0x1868  UevAgentDriver - ok
20:50:42.0569 0x1868  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
20:50:42.0607 0x1868  UevAgentService - ok
20:50:42.0622 0x1868  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:50:42.0622 0x1868  Ufx01000 - ok
20:50:42.0638 0x1868  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:50:42.0638 0x1868  UfxChipidea - ok
20:50:42.0654 0x1868  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:50:42.0654 0x1868  ufxsynopsys - ok
20:50:42.0669 0x1868  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:50:42.0669 0x1868  UI0Detect - ok
20:50:42.0689 0x1868  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:50:42.0691 0x1868  umbus - ok
20:50:42.0691 0x1868  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:50:42.0691 0x1868  UmPass - ok
20:50:42.0707 0x1868  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:50:42.0722 0x1868  UmRdpService - ok
20:50:42.0753 0x1868  [ 5B17D5E9FBF65ED93078DEB687357BAF, 00BC68F16E36681254E72D8D39006F695D38246EAB6ABC6F40E5305D5ACE26A1 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:50:42.0785 0x1868  UnistoreSvc - ok
20:50:42.0806 0x1868  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:50:42.0806 0x1868  upnphost - ok
20:50:42.0822 0x1868  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:50:42.0822 0x1868  UrsChipidea - ok
20:50:42.0837 0x1868  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:50:42.0837 0x1868  UrsCx01000 - ok
20:50:42.0837 0x1868  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:50:42.0837 0x1868  UrsSynopsys - ok
20:50:42.0853 0x1868  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:50:42.0853 0x1868  USBAAPL64 - ok
20:50:42.0869 0x1868  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:50:42.0869 0x1868  usbccgp - ok
20:50:42.0889 0x1868  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:50:42.0891 0x1868  usbcir - ok
20:50:42.0891 0x1868  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:50:42.0891 0x1868  usbehci - ok
20:50:42.0907 0x1868  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
20:50:42.0907 0x1868  usbfilter - ok
20:50:42.0922 0x1868  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:50:42.0938 0x1868  usbhub - ok
20:50:42.0953 0x1868  [ B9651548CE196186A72CE8C6D0C094FC, FD46C71C58701DF4CA89BE82BECACB00A0ACFE34A330676BD88666BBB2DE4D6D ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:50:42.0969 0x1868  USBHUB3 - ok
20:50:42.0986 0x1868  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:50:42.0987 0x1868  usbohci - ok
20:50:42.0991 0x1868  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:50:42.0991 0x1868  usbprint - ok
20:50:42.0991 0x1868  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:50:43.0007 0x1868  usbser - ok
20:50:43.0007 0x1868  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:50:43.0023 0x1868  USBSTOR - ok
20:50:43.0023 0x1868  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:50:43.0023 0x1868  usbuhci - ok
20:50:43.0038 0x1868  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:50:43.0054 0x1868  USBXHCI - ok
20:50:43.0107 0x1868  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:50:43.0138 0x1868  UserDataSvc - ok
20:50:43.0169 0x1868  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:50:43.0190 0x1868  UserManager - ok
20:50:43.0222 0x1868  [ 65D70A530105E0576641493D6292C9EA, 1059285060E700449C6BB99DB0E5E4FF4A32215323F45C11DA7617785F073276 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:50:43.0237 0x1868  UsoSvc - ok
20:50:43.0253 0x1868  [ 9936F9E94C6E3F47A158D7BFF020575A, D28F6BBCBA07AD8FC17C99D701A0C9367270C4A504BAAB7B840931BBF333D65D ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:50:43.0253 0x1868  VaultSvc - ok
20:50:43.0269 0x1868  [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone          C:\WINDOWS\System32\drivers\VClone.sys
20:50:43.0269 0x1868  VClone - ok
20:50:43.0284 0x1868  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:50:43.0287 0x1868  vdrvroot - ok
20:50:43.0307 0x1868  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
20:50:43.0322 0x1868  vds - ok
20:50:43.0338 0x1868  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:50:43.0338 0x1868  VerifierExt - ok
20:50:43.0369 0x1868  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:50:43.0389 0x1868  vhdmp - ok
20:50:43.0391 0x1868  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:50:43.0391 0x1868  vhf - ok
20:50:43.0422 0x1868  [ FF9E47752DE943B35D00E5BC96BDC714, 953A14637E310E27BDBD46B3A711875DBE0963AF185A523BC7E002427EA0E710 ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
20:50:43.0438 0x1868  vm331avs - ok
20:50:43.0469 0x1868  [ 71B51CF0B12E216D1FA8262B3B8E7DB4, E392CE09E02519AD2E31FB42ECEEDA5D252A9F3F1F9E137AA0726784EF7DFB71 ] vm332avs        C:\WINDOWS\System32\Drivers\vm332avs.sys
20:50:43.0490 0x1868  vm332avs - ok
20:50:43.0490 0x1868  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:50:43.0506 0x1868  vmbus - ok
20:50:43.0506 0x1868  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:50:43.0506 0x1868  VMBusHID - ok
20:50:43.0522 0x1868  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
20:50:43.0522 0x1868  vmgid - ok
20:50:43.0537 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
20:50:43.0537 0x1868  vmicguestinterface - ok
20:50:43.0553 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
20:50:43.0553 0x1868  vmicheartbeat - ok
20:50:43.0569 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
20:50:43.0586 0x1868  vmickvpexchange - ok
20:50:43.0590 0x1868  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
20:50:43.0607 0x1868  vmicrdv - ok
20:50:43.0622 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
20:50:43.0622 0x1868  vmicshutdown - ok
20:50:43.0638 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
20:50:43.0638 0x1868  vmictimesync - ok
20:50:43.0654 0x1868  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
20:50:43.0669 0x1868  vmicvmsession - ok
20:50:43.0669 0x1868  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
20:50:43.0691 0x1868  vmicvss - ok
20:50:43.0691 0x1868  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:50:43.0691 0x1868  volmgr - ok
20:50:43.0707 0x1868  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:50:43.0722 0x1868  volmgrx - ok
20:50:43.0738 0x1868  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:50:43.0754 0x1868  volsnap - ok
20:50:43.0754 0x1868  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
20:50:43.0754 0x1868  volume - ok
20:50:43.0769 0x1868  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:50:43.0769 0x1868  vpci - ok
20:50:43.0789 0x1868  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:50:43.0791 0x1868  vsmraid - ok
20:50:43.0838 0x1868  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
20:50:43.0869 0x1868  VSS - ok
20:50:43.0892 0x1868  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:50:43.0892 0x1868  VSTXRAID - ok
20:50:43.0907 0x1868  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:50:43.0907 0x1868  vwifibus - ok
20:50:43.0907 0x1868  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
20:50:43.0907 0x1868  vwififlt - ok
20:50:43.0923 0x1868  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
20:50:43.0923 0x1868  vwifimp - ok
20:50:43.0938 0x1868  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
20:50:43.0954 0x1868  W32Time - ok
20:50:43.0970 0x1868  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:50:43.0970 0x1868  WacomPen - ok
20:50:43.0991 0x1868  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
20:50:43.0991 0x1868  WalletService - ok
20:50:44.0007 0x1868  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:50:44.0007 0x1868  wanarp - ok
20:50:44.0007 0x1868  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:50:44.0023 0x1868  wanarpv6 - ok
20:50:44.0054 0x1868  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:50:44.0091 0x1868  wbengine - ok
20:50:44.0123 0x1868  [ 4D5CDE84068F3D4613C3C17CFEA4515D, 2F011CE35AAAD8BA7AD61E1FBDAC225A3C1B06EFE89CAE2FCC65E92BF4AB1CC0 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:50:44.0154 0x1868  WbioSrvc - ok
20:50:44.0170 0x1868  [ 923200B78F5284D674A3712204D0FEFA, 4B00785D2E9D12052C2C8E80C568606E0148AA230285D4018A0A603E16224CEE ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
20:50:44.0170 0x1868  wcifs - ok
20:50:44.0192 0x1868  [ 9DDD15FCE0BE61F25C20CC7E2A96B77C, 072E6B3D86CD4F4A55305986E3848A47B7E8000FF5AEFE8A206FD4F7BE958872 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:50:44.0223 0x1868  Wcmsvc - ok
20:50:44.0239 0x1868  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:50:44.0254 0x1868  wcncsvc - ok
20:50:44.0270 0x1868  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
20:50:44.0270 0x1868  wcnfs - ok
20:50:44.0270 0x1868  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:50:44.0286 0x1868  WdBoot - ok
20:50:44.0308 0x1868  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:50:44.0323 0x1868  Wdf01000 - ok
20:50:44.0339 0x1868  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:50:44.0354 0x1868  WdFilter - ok
20:50:44.0370 0x1868  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:50:44.0370 0x1868  WdiServiceHost - ok
20:50:44.0370 0x1868  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:50:44.0389 0x1868  WdiSystemHost - ok
20:50:44.0408 0x1868  [ BF45B43BA47D0FA769CE5AFBF7104F01, CBEEC0E915162BEBFCD2CA9EF72C02E82AFAB2A016F1750A7982975A94599CF6 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
20:50:44.0424 0x1868  wdiwifi - ok
20:50:44.0439 0x1868  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:50:44.0439 0x1868  WdNisDrv - ok
20:50:44.0439 0x1868  WdNisSvc - ok
20:50:44.0455 0x1868  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:50:44.0470 0x1868  WebClient - ok
20:50:44.0486 0x1868  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:50:44.0492 0x1868  Wecsvc - ok
20:50:44.0492 0x1868  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:50:44.0492 0x1868  WEPHOSTSVC - ok
20:50:44.0508 0x1868  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:50:44.0508 0x1868  wercplsupport - ok
20:50:44.0523 0x1868  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:50:44.0539 0x1868  WerSvc - ok
20:50:44.0554 0x1868  [ 4D64719B4819CA22A046EC32809BBD98, 0ABD6C7D039E57F5637E843388FA8D52072237061EB75C7CDEBC9E13A6C8F06E ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
20:50:44.0570 0x1868  WFDSConMgrSvc - ok
20:50:44.0587 0x1868  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
20:50:44.0592 0x1868  WFPLWFS - ok
20:50:44.0592 0x1868  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:50:44.0592 0x1868  WiaRpc - ok
20:50:44.0608 0x1868  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:50:44.0608 0x1868  WIMMount - ok
20:50:44.0608 0x1868  WinDefend - ok
20:50:44.0639 0x1868  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
20:50:44.0639 0x1868  WindowsTrustedRT - ok
20:50:44.0639 0x1868  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
20:50:44.0639 0x1868  WindowsTrustedRTProxy - ok
20:50:44.0670 0x1868  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:50:44.0692 0x1868  WinHttpAutoProxySvc - ok
20:50:44.0708 0x1868  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
20:50:44.0708 0x1868  WinMad - ok
20:50:44.0724 0x1868  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:50:44.0724 0x1868  Winmgmt - ok
20:50:44.0739 0x1868  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
20:50:44.0755 0x1868  WinNat - ok
20:50:44.0824 0x1868  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:50:44.0871 0x1868  WinRM - ok
20:50:44.0912 0x1868  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
20:50:44.0912 0x1868  WINUSB - ok
20:50:44.0912 0x1868  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
20:50:44.0912 0x1868  WinVerbs - ok
20:50:44.0944 0x1868  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
20:50:44.0959 0x1868  wisvc - ok
20:50:45.0028 0x1868  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:50:45.0090 0x1868  WlanSvc - ok
20:50:45.0143 0x1868  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:50:45.0206 0x1868  wlidsvc - ok
20:50:45.0243 0x1868  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
20:50:45.0275 0x1868  wlpasvc - ok
20:50:45.0275 0x1868  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:50:45.0275 0x1868  WmiAcpi - ok
20:50:45.0290 0x1868  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:50:45.0310 0x1868  wmiApSrv - ok
20:50:45.0313 0x1868  WMPNetworkSvc - ok
20:50:45.0328 0x1868  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:50:45.0328 0x1868  Wof - ok
20:50:45.0391 0x1868  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:50:45.0428 0x1868  workfolderssvc - ok
20:50:45.0444 0x1868  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:50:45.0444 0x1868  WPDBusEnum - ok
20:50:45.0459 0x1868  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:50:45.0459 0x1868  WpdUpFltr - ok
20:50:45.0475 0x1868  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
20:50:45.0475 0x1868  WpnService - ok
20:50:45.0491 0x1868  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
20:50:45.0491 0x1868  WpnUserService - ok
20:50:45.0512 0x1868  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:50:45.0512 0x1868  ws2ifsl - ok
20:50:45.0528 0x1868  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:50:45.0528 0x1868  wscsvc - ok
20:50:45.0543 0x1868  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
20:50:45.0543 0x1868  WSDPrintDevice - ok
20:50:45.0543 0x1868  [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
20:50:45.0559 0x1868  WSDScan - ok
20:50:45.0559 0x1868  WSearch - ok
20:50:45.0628 0x1868  [ 359A4FC47628C0E66894B80C97932C71, 2E4A70754619285184BA605800A9ACBB0658E7EC005271652BD465A34015B990 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:50:45.0675 0x1868  wuauserv - ok
20:50:45.0691 0x1868  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:50:45.0708 0x1868  WudfPf - ok
20:50:45.0712 0x1868  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
20:50:45.0712 0x1868  WUDFRd - ok
20:50:45.0728 0x1868  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:50:45.0728 0x1868  wudfsvc - ok
20:50:45.0744 0x1868  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:50:45.0759 0x1868  WUDFWpdFs - ok
20:50:45.0759 0x1868  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:50:45.0775 0x1868  WUDFWpdMtp - ok
20:50:45.0812 0x1868  [ B0C56930417D00E44B3FDBF6FC282943, 837776DBB83184015E7B0C5821E914325E39A8CF51497A95389B33C1E995C55E ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:50:45.0844 0x1868  WwanSvc - ok
20:50:45.0859 0x1868  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
20:50:45.0875 0x1868  xbgm - ok
20:50:45.0908 0x1868  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
20:50:45.0928 0x1868  XblAuthManager - ok
20:50:45.0959 0x1868  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
20:50:45.0991 0x1868  XblGameSave - ok
20:50:46.0009 0x1868  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
20:50:46.0012 0x1868  xboxgip - ok
20:50:46.0012 0x1868  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
20:50:46.0028 0x1868  XboxGipSvc - ok
20:50:46.0059 0x1868  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
20:50:46.0075 0x1868  XboxNetApiSvc - ok
20:50:46.0091 0x1868  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
20:50:46.0091 0x1868  xinputhid - ok
20:50:46.0091 0x1868  ================ Scan global ===============================
20:50:46.0113 0x1868  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
20:50:46.0113 0x1868  [ 981EC77511EBFE8AE5731C08A194A685, DBA05F38AB2536BF6BAC2103843CBAA46E601D9DCF4B72628CAA13F8E37DDB9D ] C:\WINDOWS\system32\winsrv.dll
20:50:46.0128 0x1868  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
20:50:46.0144 0x1868  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
20:50:46.0160 0x1868  [ Global ] - ok
20:50:46.0160 0x1868  ================ Scan MBR ==================================
20:50:46.0160 0x1868  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:50:46.0275 0x1868  \Device\Harddisk0\DR0 - ok
20:50:46.0275 0x1868  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:50:46.0913 0x1868  \Device\Harddisk1\DR1 - ok
20:50:46.0913 0x1868  ================ Scan VBR ==================================
20:50:46.0928 0x1868  [ 011A6B3F71BA741AAC252C047FE1DC4D ] \Device\Harddisk0\DR0\Partition1
20:50:46.0928 0x1868  \Device\Harddisk0\DR0\Partition1 - ok
20:50:46.0928 0x1868  [ 6EDE1E8A9EB84795AB7A8208DF1CD0D5 ] \Device\Harddisk0\DR0\Partition2
20:50:46.0928 0x1868  \Device\Harddisk0\DR0\Partition2 - ok
20:50:46.0928 0x1868  [ 41EC14B666F951E34A27989AB5E9241E ] \Device\Harddisk1\DR1\Partition1
20:50:46.0928 0x1868  \Device\Harddisk1\DR1\Partition1 - ok
20:50:46.0928 0x1868  ================ Scan generic autorun ======================
20:50:46.0928 0x1868  SecurityHealth - ok
20:50:47.0288 0x1868  [ 3F6E7F06228159E86B2B69E358843DB8, 2CCE54D0D74DDAD012ADBEF13D0F248066B6CF7CDE162CD953D01E5D58768600 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:50:47.0560 0x1868  RtHDVCpl - ok
20:50:47.0629 0x1868  [ 59F8DA04498B80D58FD8638370C5C84F, 522F347F1F1B3991FDC60FF3CE8F8ABB2EDFE65C569D18EF5ACB690FD1BADC82 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:50:47.0660 0x1868  RtHDVBg_Dolby - ok
20:50:48.0097 0x1868  [ 65EE16AACAEBAF3D8EDEA422177B2DA0, D15F841043D04ACE2F3D376F0EA2A3F42B4FAAE78C82913529EB8576608D0B22 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
20:50:48.0450 0x1868  Energy Management - ok
20:50:48.0486 0x1868  [ 5EAF38FC08B9DE07AE8A3D814A3CF959, F9F1844F20106EE77664B848A056D6E06105647C61FC2F2B64BDFD05F76E7E3D ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
20:50:48.0490 0x1868  EnergyUtility - ok
20:50:48.0493 0x1868  [ B3E7F1FBF29EF94A797238B9ACB8D993, AB639B4D972E4FB1A4030C9269078138EABC82A517F39AFDFB77CC70FA5D247A ] C:\Program Files\iTunes\iTunesHelper.exe
20:50:48.0509 0x1868  iTunesHelper - ok
20:50:48.0524 0x1868  [ CA222BA9C524823D5E8E8B19D854A50E, F6E6FC71CF8756280BCDCAC0A920153F3D64EE5961CEAA220A7E85FB9249CBD7 ] C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
20:50:48.0556 0x1868  GoPro Tray App - ok
20:50:48.0556 0x1868  SynTPEnh - ok
20:50:48.0624 0x1868  [ 5602FF42444B4991E69C62E493BDAEC4, 7AE46CA0CD1E1C091B31EE4A691C26823E0F1AB1CA6B1C29E6C662BF7E28A996 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
20:50:48.0699 0x1868  Malwarebytes TrayApp - ok
20:50:48.0723 0x1868  [ 279175F66914D5BE0D3A3DD9F85FD5B3, 24FC4EF12209BBACD523570E66182D9470A3499BB74FD50E890298281F422097 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
20:50:48.0738 0x1868  331BigDog - ok
20:50:48.0743 0x1868  [ 3BD79A1F6D2EA0FDDEA3F8914B2A6A0C, 332E6806EFF846A2E6D0DC04A70D3503855DABFA83E6EC27F37E2D9103E80E51 ] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
20:50:48.0743 0x1868  VirtualCloneDrive - ok
20:50:48.0743 0x1868  [ 1DF3DCE54EDF5E85D15BA381ED98FAC3, 91CDEC8ADD48A40AB4D4E49B5AF0CEB01AA7A063B6C2103E16038D46C417868F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
20:50:48.0759 0x1868  ControlCenter4 - ok
20:50:48.0821 0x1868  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
20:50:48.0889 0x1868  BrStsMon00 - ok
20:50:48.0905 0x1868  [ 3A5D0E1BF0D7B954FD3A8BE474FCAABA, 2B41DF59122496519C8B68518AD566F3B7F28BECD089BF15B50D3D78C7369760 ] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
20:50:48.0921 0x1868  332BigDog - ok
20:50:48.0943 0x1868  [ 1F35083E66928458C92CDF178B77629B, C3B8ED442F25622D7E58BD697B175E39DF184674C7AF6091CF756137E165F71F ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:50:48.0959 0x1868  StartCCC - ok
20:50:49.0005 0x1868  [ B9991DA2D948F22C10C527DF612554D4, F561D22599B5F11AFDDA199533654B980A7E0550A75E3D8F116C67FC72662AF5 ] C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
20:50:49.0059 0x1868  Syncios device service - ok
20:50:49.0602 0x1868  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:50:50.0050 0x1868  OneDriveSetup - ok
20:50:50.0576 0x1868  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
20:50:50.0997 0x1868  OneDriveSetup - ok
20:50:51.0058 0x1868  [ 90029F7160037122DA12101C0C8850F7, DE4BFD8E60AC0222EACCA8BAC94562ED2B38CBEF569F8B927CCD197735655AC0 ] C:\Users\nicol\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:50:51.0090 0x1868  OneDrive - ok
20:50:51.0174 0x1868  [ 5614A72C29D1BBEAD78FE507013B2488, 725BB9E65C18C83A7FD560242E72931358F4B7950F22DEC5FA434845B3221BD7 ] C:\Program Files (x86)\Steam\steam.exe
20:50:51.0243 0x1868  Steam - ok
20:50:51.0274 0x1868  [ F4BBAAC708FA033EEA88BA070E43DF51, C0A99216B05790B83BBCF10732F5F8E907ABB732FA7F90C2F7B5E0AA2D8B7920 ] C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe
20:50:51.0305 0x1868  AppEx Accelerator UI - ok
20:50:51.0552 0x1868  [ 4A4FF358B1ECCAEDBBDAEF293613CEC5, 0697FCBC726F2BC2573495CD878F9309235DB7289DD76FB9406233D01D546272 ] C:\Program Files\CCleaner\CCleaner64.exe
20:50:51.0751 0x1868  CCleaner Monitoring - ok
20:50:51.0873 0x1868  [ 69873E6FB6910831FDDE79469981C4C0, B2520C28721F99450651036B1CBB827BC2B4869331FE4C488BF80B5C81302AD9 ] C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe
20:50:51.0969 0x1868  MailStylerWarmup - ok
20:50:51.0973 0x1868  Waiting for KSN requests completion. In queue: 285
20:50:53.0004 0x1868  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x61100 ( enabled : updated )
20:50:53.0020 0x1868  Win FW state via NFP2: disabled ( trusted )
20:50:53.0484 0x1868  ============================================================
20:50:53.0484 0x1868  Scan finished
20:50:53.0484 0x1868  ============================================================
20:50:53.0497 0x1d08  Detected object count: 0
20:50:53.0497 0x1d08  Actual detected object count: 0
20:51:01.0305 0x1310  Deinitialize success

M-K-D-B · 01.08.2017, 20:29

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Firewall
- IE Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist. Am Ende des Suchlaufs öffnet sich automatisch eine Logdatei. Schließe diese.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

Nicky_86 · 01.08.2017, 21:08

AdwCleaner

Code:

ATTFilter

# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 01 19:52:07 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1492 B] - [2017/7/24 16:39:50]
C:/AdwCleaner/AdwCleaner[S0].txt - [1340 B] - [2017/7/24 16:20:5]
C:/AdwCleaner/AdwCleaner[S1].txt - [1407 B] - [2017/7/24 16:39:25]
C:/AdwCleaner/AdwCleaner[S2].txt - [1147 B] - [2017/8/1 19:51:29]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

mbam.txt

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 01.08.17
Scan-Zeit: 21:55
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2484
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.483)
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-AESMRB4\Nicol

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 368439
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 2 Min., 24 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

frst

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017
durchgeführt von Nicol (Administrator) auf DESKTOP-AESMRB4 (01-08-2017 22:00:39)
Gestartet von C:\Users\nicol\Desktop
Geladene Profile: Nicol (Verfügbare Profile: Nicol)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2017-06-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2017-06-03] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2017-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2017-06-03] (Vimicro)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1910424 2017-06-06] ()
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe [4121136 2016-03-03] (Delivery Tech Corp.)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-06-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{4485d479-dc85-417b-827a-48be184f3958}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: csmnkq8q.default
FF ProfilePath: C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default [2017-08-01]
FF Extension: (FEBE) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2017-06-03]
FF Extension: (Greasemonkey) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-06-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-04] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-04] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2017-07-03] (Broadcom Corporation.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
S3 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2017-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82704 2017-06-03] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2017-06-03] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2017-07-03] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-01] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-01] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-01] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-01] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2017-06-03] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2017-06-03] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-01 21:59 - 2017-08-01 21:59 - 000001408 _____ C:\Users\nicol\Desktop\mbam.txt
2017-08-01 21:48 - 2017-08-01 21:48 - 008185288 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_7.0.1.0.exe
2017-08-01 20:49 - 2017-08-01 20:54 - 000283112 _____ C:\Users\nicol\Desktop\TDSSKiller.3.1.0.15_01.08.2017_20.49.59_log.txt
2017-08-01 20:49 - 2017-08-01 20:53 - 000041296 _____ C:\Users\nicol\Desktop\Addition.txt
2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Downloads\tdsskiller.exe
2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Desktop\tdsskiller.exe
2017-08-01 20:48 - 2017-08-01 22:00 - 000015664 _____ C:\Users\nicol\Desktop\FRST.txt
2017-08-01 20:48 - 2017-08-01 22:00 - 000000000 ____D C:\FRST
2017-08-01 20:48 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Desktop\FRST64.exe
2017-08-01 20:47 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Downloads\FRST64.exe
2017-07-31 17:39 - 2017-07-31 17:39 - 000034623 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde1.pdf
2017-07-31 17:36 - 2017-07-31 17:36 - 000040583 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde.pdf
2017-07-28 19:34 - 2017-07-28 19:34 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2090734139-1850318513-3907554720-1001
2017-07-28 19:34 - 2017-07-28 19:34 - 000000000 ___HD C:\OneDriveTemp
2017-07-26 18:35 - 2017-07-26 18:36 - 242020184 _____ (Lenovo Group Limited ) C:\Users\nicol\Downloads\0nwl01wb(1).exe
2017-07-26 17:31 - 2017-07-26 17:18 - 170242954 ____N C:\Users\nicol\Desktop\IMG_4516.MOV
2017-07-24 22:40 - 2017-08-01 21:52 - 000000971 _____ C:\Users\nicol\Desktop\Neues Textdokument.txt
2017-07-24 19:01 - 2017-08-01 21:53 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 19:01 - 2017-08-01 21:53 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 19:01 - 2017-08-01 21:53 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 19:01 - 2017-07-24 19:08 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 19:00 - 2017-08-01 21:53 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 19:00 - 2017-07-24 19:00 - 065033984 _____ (Malwarebytes ) C:\Users\nicol\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 19:00 - 2017-07-24 19:00 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-24 19:00 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 18:18 - 2017-08-01 21:52 - 000000000 ____D C:\AdwCleaner
2017-07-24 18:18 - 2017-07-24 18:18 - 008162248 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_7.0.0.0.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 002611632 _____ C:\Users\nicol\Downloads\Adaware_Installer121856.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 000000000 ____D C:\ProgramData\adaware
2017-07-24 17:43 - 2017-07-24 17:44 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-07-23 20:22 - 2017-07-23 20:22 - 000218129 _____ C:\Users\nicol\Downloads\h2testw_1.4.zip
2017-07-23 20:22 - 2017-07-23 20:22 - 000000000 ____D C:\Users\nicol\Downloads\h2testw_1.4
2017-07-20 22:30 - 2017-07-20 22:30 - 000070930 _____ C:\Users\nicol\Downloads\Tahin-Plätzchen.pdf
2017-07-20 22:29 - 2017-07-20 22:29 - 000072610 _____ C:\Users\nicol\Downloads\Ahle-Worschd-Kräppel.pdf
2017-07-20 22:27 - 2017-07-20 22:27 - 001235263 _____ C:\Users\nicol\Downloads\Smoothie_Flyer_wiss_Untersuchung_final.pdf
2017-07-20 17:56 - 2017-07-20 17:56 - 000002301 _____ C:\Users\Public\Desktop\MailStyler.lnk
2017-07-20 17:56 - 2017-07-20 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Delivery Tech Corp
2017-07-20 17:27 - 2017-07-20 17:57 - 000000000 ____D C:\Users\nicol\OneDrive\Dokumente\MailStyler
2017-07-20 17:26 - 2017-07-20 17:26 - 000003682 _____ C:\WINDOWS\System32\Tasks\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 __SHD C:\Users\nicol\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Obsidium
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Delivery Tech Corp
2017-07-20 17:26 - 2017-03-18 23:00 - 000045216 ___SH (Microsoft Corporation) C:\Users\nicol\czlfnyii.exe
2017-07-20 17:25 - 2017-07-20 17:25 - 000000000 ____D C:\ProgramData\Delivery Tech Corp
2017-07-20 17:24 - 2017-07-20 17:56 - 000000000 ____D C:\Program Files (x86)\Delivery Tech Corp
2017-07-12 18:39 - 2017-07-12 18:39 - 002653569 _____ C:\Users\nicol\Desktop\Bilanz 5 Seiten.pdf
2017-07-12 18:39 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 18:39 - 2017-07-07 08:39 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 18:39 - 2017-07-07 08:37 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 18:39 - 2017-07-07 08:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 18:39 - 2017-07-07 08:27 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 18:39 - 2017-07-07 08:23 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 18:39 - 2017-07-07 08:14 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 18:39 - 2017-07-07 08:14 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 18:39 - 2017-07-07 08:13 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 18:39 - 2017-07-07 08:12 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 18:39 - 2017-07-07 08:05 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 18:39 - 2017-07-07 08:02 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 18:39 - 2017-06-20 07:03 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 18:39 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 18:39 - 2017-06-20 06:40 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 18:39 - 2017-06-20 06:39 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 18:39 - 2017-06-20 06:36 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 18:39 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 18:39 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 18:38 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 18:38 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 18:38 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 18:38 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 18:38 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 18:38 - 2017-07-07 09:23 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 18:38 - 2017-07-07 09:22 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 18:38 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 18:38 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 09:21 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 18:38 - 2017-07-07 09:20 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 18:38 - 2017-07-07 09:14 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 18:38 - 2017-07-07 09:13 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 18:38 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 18:38 - 2017-07-07 09:12 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 09:12 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 18:38 - 2017-07-07 09:11 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:38 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 18:38 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 18:38 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 18:38 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 18:38 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 18:38 - 2017-07-07 08:40 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:39 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 18:38 - 2017-07-07 08:29 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 18:38 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 18:38 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 18:38 - 2017-07-07 08:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 18:38 - 2017-07-07 08:20 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 18:38 - 2017-07-07 08:15 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 18:38 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 18:38 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 18:38 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 18:38 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 18:38 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:01 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 18:38 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 18:38 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 18:38 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 18:38 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 18:38 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 18:38 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 08:10 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 18:38 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 18:38 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 18:38 - 2017-06-20 08:06 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 18:38 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 18:38 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 18:38 - 2017-06-20 08:02 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 18:38 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 18:38 - 2017-06-20 07:59 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 18:38 - 2017-06-20 07:57 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 18:38 - 2017-06-20 07:57 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 18:38 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 18:38 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 18:38 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 18:38 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 18:38 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 18:38 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 07:03 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 18:38 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 18:38 - 2017-06-20 06:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 18:38 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 18:38 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 18:38 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 18:38 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 18:38 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 18:38 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 18:38 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 18:38 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 18:37 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 18:37 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 18:37 - 2017-07-07 09:22 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 18:37 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 18:37 - 2017-07-07 09:15 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 18:37 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 18:37 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 18:37 - 2017-07-07 09:10 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 18:37 - 2017-07-07 09:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 18:37 - 2017-07-07 08:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 18:37 - 2017-07-07 08:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 18:37 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 18:37 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 18:37 - 2017-07-07 08:17 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 18:37 - 2017-07-07 08:16 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 18:37 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 18:37 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 18:37 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 18:37 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 18:37 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 18:37 - 2017-06-20 08:04 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 18:37 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 18:37 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 18:37 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 18:37 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 18:37 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 18:37 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 18:37 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 18:37 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 18:37 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 18:37 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 18:37 - 2017-06-20 07:03 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 18:37 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 18:37 - 2017-06-20 06:59 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 18:37 - 2017-06-20 06:58 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 18:37 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 18:37 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-12 18:09 - 2017-07-12 18:09 - 001077755 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.rar
2017-07-12 18:06 - 2017-07-12 18:06 - 001539146 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.tif
2017-07-11 18:25 - 2017-07-11 18:25 - 000000000 ____D C:\Users\nicol\AppData\Local\Foxit PhantomPDF
2017-07-11 18:16 - 2017-07-11 18:16 - 000001162 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2017-07-11 18:16 - 2017-07-11 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-07-11 17:44 - 2017-07-12 18:09 - 000748096 _____ C:\Users\nicol\Desktop\Bilanz_GuV.pptx
2017-07-11 17:38 - 2017-07-11 17:38 - 000045502 _____ C:\Users\nicol\Desktop\Bilanz lang.pdf
2017-07-11 17:26 - 2017-07-12 18:01 - 000360786 _____ C:\Users\nicol\Desktop\Präsentation Liquidität.pptx
2017-07-11 17:25 - 2017-07-11 17:25 - 000381033 _____ C:\Users\nicol\Downloads\Präsentation11.pptx
2017-07-04 14:59 - 2017-07-04 14:59 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-03 21:55 - 2017-07-12 18:46 - 000001347 _____ C:\Users\nicol\Desktop\GoPro - Verknüpfung.lnk
2017-07-03 21:42 - 2017-07-03 21:42 - 000000000 ____D C:\Users\nicol\AppData\Roaming\AMD
2017-07-03 21:21 - 2017-07-03 21:22 - 000000000 ____D C:\Users\nicol\AppData\Local\ConnectedDevicesPlatform
2017-07-03 21:21 - 2017-07-03 21:21 - 000000020 ___SH C:\Users\nicol\ntuser.ini
2017-07-03 21:21 - 2017-07-03 21:21 - 000000000 ____D C:\Users\nicol\AppData\Local\DBG
2017-07-03 20:46 - 2017-07-03 20:46 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-07-03 20:46 - 2017-07-03 19:58 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files\MSBuild
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-07-03 20:43 - 2017-07-03 20:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-07-03 20:42 - 2017-02-10 12:26 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:26 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:26 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-03 20:42 - 2017-02-10 12:21 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:21 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-03 20:42 - 2017-02-10 12:21 - 000035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-03 20:38 - 2017-07-03 20:38 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-07-03 20:12 - 2017-07-03 20:12 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-07-03 20:12 - 2017-07-03 20:12 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-07-03 20:11 - 2017-08-01 21:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-03 20:11 - 2017-07-03 20:11 - 000022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-07-03 20:11 - 2017-07-03 20:11 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-07-03 20:11 - 2017-07-03 20:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-07-03 20:08 - 2017-07-03 20:08 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-07-03 20:08 - 2017-07-03 20:08 - 000000000 ____D C:\ProgramData\USOShared
2017-07-03 20:04 - 2017-07-03 20:08 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-07-03 20:03 - 2017-08-01 21:52 - 000000000 ____D C:\Users\nicol
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Vorlagen
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Startmenü
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Netzwerkumgebung
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Lokale Einstellungen
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Eigene Dateien
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Druckumgebung
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Local\Verlauf
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\AppData\Local\Anwendungsdaten
2017-07-03 20:03 - 2017-07-03 20:03 - 000000000 _SHDL C:\Users\nicol\Anwendungsdaten
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____D C:\Program Files\Synaptics
2017-07-03 20:01 - 2017-07-03 20:01 - 000000000 ____D C:\Program Files (x86)\USB Camera
2017-07-03 20:00 - 2017-07-03 20:00 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-07-03 19:59 - 2017-07-03 20:05 - 000000000 ____D C:\Program Files\AMD
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\Program Files\Realtek
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-07-03 19:59 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-07-03 19:58 - 2017-08-01 06:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-03 19:58 - 2017-07-24 18:36 - 000394400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-03 18:54 - 2017-07-03 18:54 - 002251992 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2017-07-03 18:54 - 2017-07-03 18:54 - 001441792 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrWi212a.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000279040 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BrJDec.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000222720 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BRCOI12I.DLL
2017-07-03 18:54 - 2017-07-03 18:54 - 000188160 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2017-07-03 18:54 - 2017-07-03 18:54 - 000173312 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2017-07-03 18:54 - 2017-07-03 18:54 - 000069978 _____ C:\WINDOWS\system32\Drivers\BCM20702A1_001.002.014.1443.1485.hex
2017-07-03 18:54 - 2017-07-03 18:54 - 000066264 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2017-07-03 18:54 - 2017-07-03 18:54 - 000050688 _____ (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BRPRTINK.DLL
2017-07-03 18:44 - 2017-07-03 21:21 - 000000000 ___DC C:\WINDOWS\Panther
2017-07-03 18:40 - 2017-07-03 18:44 - 000000036 _____ C:\WINDOWS\progress.ini
2017-07-03 18:23 - 2017-07-03 21:21 - 000000000 ____D C:\Windows10Upgrade
2017-07-03 18:23 - 2017-07-03 21:20 - 000000000 ___HD C:\$GetCurrent
2017-07-03 18:23 - 2017-07-03 18:23 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Update-Assistent.lnk
2017-07-03 18:23 - 2017-07-03 18:23 - 000000797 _____ C:\Users\nicol\Desktop\Windows 10-Update-Assistent.lnk
2017-07-03 18:15 - 2017-07-03 18:15 - 000000000 ____D C:\Users\nicol\AppData\Roaming\GoPro
2017-07-03 18:13 - 2017-07-03 18:13 - 004216840 _____ (Microsoft Corporation) C:\Users\nicol\Downloads\vcredist_x86.exe
2017-07-03 18:00 - 2017-07-03 18:00 - 000000000 ____D C:\WINDOWS\UpdateAssistant

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-01 21:58 - 2017-06-03 17:51 - 002313510 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-01 21:58 - 2017-03-20 06:41 - 001055522 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-01 21:58 - 2017-03-20 06:41 - 000232730 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-01 21:53 - 2017-06-03 18:19 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\Mozilla
2017-08-01 21:52 - 2017-06-03 20:32 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-01 21:52 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-01 21:51 - 2017-06-04 15:49 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-08-01 18:25 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-01 18:25 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-01 07:05 - 2017-06-03 19:24 - 000000000 ____D C:\Users\nicol\AppData\Roaming\UseNeXT
2017-07-31 19:19 - 2017-06-04 13:42 - 000002172 _____ C:\Users\nicol\Desktop\Call of Duty(R) 4 - Bots.lnk
2017-07-31 18:33 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-07-31 17:39 - 2017-06-03 18:34 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Foxit Software
2017-07-28 19:34 - 2017-06-03 17:54 - 000002387 _____ C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-28 19:34 - 2017-06-03 17:54 - 000000000 ___RD C:\Users\nicol\OneDrive
2017-07-27 20:38 - 2017-06-04 14:29 - 000000000 ____D C:\Program Files (x86)\Origin
2017-07-26 17:59 - 2017-06-04 14:28 - 000000000 ____D C:\Users\nicol\AppData\Local\ElevatedDiagnostics
2017-07-24 19:51 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-23 21:34 - 2017-06-03 18:36 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2017-07-18 22:35 - 2017-06-03 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2017-07-18 19:20 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-07-15 11:35 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\WhatsApp
2017-07-14 16:47 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-07-12 19:17 - 2017-06-03 17:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 18:55 - 2017-06-03 19:36 - 000002242 _____ C:\Users\nicol\Desktop\WhatsApp.lnk
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Local\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:35 - 000000000 ____D C:\Users\nicol\AppData\Local\SquirrelTemp
2017-07-12 18:50 - 2017-06-19 15:05 - 000000000 ____D C:\Program Files\ReviverSoft
2017-07-12 18:46 - 2017-06-19 15:05 - 000001292 _____ C:\Users\nicol\Desktop\Windows 10 Manager.lnk
2017-07-12 18:46 - 2017-06-19 15:05 - 000001282 _____ C:\Users\nicol\Desktop\1-Click Cleaner.lnk
2017-07-12 18:46 - 2017-06-18 19:26 - 000001258 _____ C:\Users\nicol\Desktop\MP3 to iPod Audio Book Converter.lnk
2017-07-12 18:46 - 2017-06-18 19:14 - 000001190 _____ C:\Users\nicol\Desktop\Syncios.lnk
2017-07-12 18:46 - 2017-06-05 11:11 - 000001072 _____ C:\Users\nicol\Desktop\HeavyLoad.lnk
2017-07-12 18:46 - 2017-06-03 19:24 - 000001930 _____ C:\Users\nicol\Desktop\UseNeXT by Tangysoft.lnk
2017-07-12 18:46 - 2017-06-03 18:28 - 000001080 _____ C:\Users\nicol\Desktop\SpeedFan.lnk
2017-07-12 18:42 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 18:41 - 2017-06-03 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 18:39 - 2017-06-03 18:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-11 18:22 - 2017-06-04 16:01 - 000000000 ____D C:\Users\nicol\AppData\Local\Adobe
2017-07-11 18:16 - 2017-06-03 18:34 - 000000000 ____D C:\Users\Public\Foxit Software
2017-07-11 18:15 - 2017-06-04 14:29 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-11 18:15 - 2017-06-03 18:34 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-07-11 17:26 - 2017-06-03 17:51 - 000000000 ____D C:\Users\nicol\AppData\Local\Packages
2017-07-05 09:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-04 14:59 - 2017-06-11 12:38 - 000000000 ____D C:\Users\Public\CineForm
2017-07-04 14:58 - 2017-06-03 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-07-03 21:46 - 2017-06-11 12:37 - 000000000 ____D C:\Users\nicol\AppData\Local\GoPro
2017-07-03 21:21 - 2017-06-04 16:15 - 000000000 ____D C:\Users\nicol\AppData\Local\StartIsBack
2017-07-03 20:56 - 2017-03-18 23:03 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-03 20:51 - 2017-03-18 23:06 - 000000000 ____D C:\WINDOWS\Setup
2017-07-03 20:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-03 20:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-07-03 20:43 - 2017-03-18 22:56 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-07-03 20:43 - 2017-03-18 22:56 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-07-03 20:43 - 2017-03-18 22:56 - 000005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-07-03 20:13 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows NT
2017-07-03 20:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-07-03 20:12 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Registration
2017-07-03 20:12 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-03 20:11 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-07-03 20:10 - 2017-03-18 23:03 - 000000000 __RSD C:\WINDOWS\Media
2017-07-03 20:10 - 2017-03-18 23:03 - 000000000 __RHD C:\Users\Public\Libraries
2017-07-03 20:08 - 2017-06-19 15:05 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft
2017-07-03 20:08 - 2017-06-18 19:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 to iPod Audio Book Converter
2017-07-03 20:08 - 2017-06-18 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HolmeZ
2017-07-03 20:08 - 2017-06-11 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImpactWinter
2017-07-03 20:08 - 2017-06-11 12:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
2017-07-03 20:08 - 2017-06-05 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeavyLoad
2017-07-03 20:08 - 2017-06-04 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-07-03 20:08 - 2017-06-04 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2017-07-03 20:08 - 2017-06-04 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur(TM)
2017-07-03 20:08 - 2017-06-03 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2017-07-03 20:08 - 2017-06-03 19:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-07-03 20:08 - 2017-06-03 19:39 - 000000000 ____D C:\WINDOWS\SHELLNEW
2017-07-03 20:08 - 2017-06-03 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-07-03 20:08 - 2017-06-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-07-03 20:08 - 2017-06-03 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-07-03 20:08 - 2017-06-03 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-07-03 20:08 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\USOPrivate
2017-07-03 20:08 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-03 20:05 - 2017-06-04 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2017-07-03 20:05 - 2017-06-03 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2017-07-03 20:05 - 2017-06-03 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2017-07-03 20:05 - 2017-06-03 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2017-07-03 20:05 - 2017-06-03 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\spool
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\System
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\System
2017-07-03 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-03 20:04 - 2017-06-03 18:31 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Syncios
2017-07-03 20:03 - 2017-03-18 13:40 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-07-03 20:01 - 2017-03-20 06:43 - 000000000 ____D C:\WINDOWS\HoloShell
2017-07-03 20:01 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-07-03 20:01 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\MiracastView

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-04 14:35 - 2017-06-04 14:35 - 000079466 _____ () C:\ProgramData\cl.1496579652.bdinstall.bin
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\nicol\czlfnyii.exe


Einige Dateien in TEMP:
====================
2017-07-03 21:38 - 2017-07-03 21:57 - 000000000 ____D () C:\Users\nicol\AppData\Local\Temp\SynciosDeviceService.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-26 18:43

==================== Ende von FRST.txt ============================

addition 1/2

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017
durchgeführt von Nicol (01-08-2017 22:01:34)
Gestartet von C:\Users\nicol\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-03 19:20:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2090734139-1850318513-3907554720-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-2090734139-1850318513-3907554720-503 - Limited - Disabled)
Gast (S-1-5-21-2090734139-1850318513-3907554720-501 - Limited - Disabled)
Nicol (S-1-5-21-2090734139-1850318513-3907554720-1001 - Administrator - Enabled) => C:\Users\nicol

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
AMD Catalyst Install Manager (HKLM\...\{9268D25B-C6DE-1579-01AB-E61CC0C6C8A8}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version: 1.1 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version: 1.2 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (HKLM-x32\...\InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (HKLM-x32\...\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Foxit PhantomPDF Business (HKLM-x32\...\{05594894-9B62-4D66-BC12-4DA14CA22F28}) (Version: 7.3.6.321 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.)
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
HolmeZ (HKLM-x32\...\{886AF6B6-CEFA-4B18-946F-3389B3EAB53F}) (Version: 2.2.0 - HolmeZ SoftSolutions Pte. Ltd.)
ImpactWinter (HKLM-x32\...\ImpactWinter_is1) (Version:  - )
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7800 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
MailStyler (HKLM-x32\...\{77C1C524-CCF5-49C8-8B30-516A46559092}) (Version: 1.3.3 - Delivery Tech Corp.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Setup Launcher Unicode 2 (HKLM-x32\...\Setup Launcher Unicode 2) (Version: 2 - Delivery Tech Corp)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StartIsBack++ (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartIsBack) (Version: 2.0.9 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Syncios 6.1.4 (HKLM-x32\...\Syncios) (Version: 6.1.4 - Anvsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
UpdateAssistant (HKLM-x32\...\{B302EECB-0DA5-46E6-8A58-127440F22CF1}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
Windows 10 Manager (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Windows 10 Manager 2.1.0) (Version: 2.1.0 - Yamicsoft)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22211 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-10-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0610F87F-A550-450A-A035-5C456A9E7B6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {68FB7FD1-276B-4523-91AA-FD7DC3AD791D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {8C32E0CE-CA4D-49F5-8215-03E94C016E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D60E0F0A-9505-4292-A327-665F31384C79} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DB4D389B-3BFA-402E-91F2-8F6A535DAC32} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {E797B448-1CDD-4CB3-9646-D66654AF3A7E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {EC2425F0-9A52-4D41-8BFE-26F13DFF8319} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FB962ED9-828F-485B-8A20-E89CD3EB2EEA} - System32\Tasks\xuasqgut => C:\Users\nicol\xuasqgut\czlfnyii.exe [2016-10-09] (AutoIt Team)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-29 09:41 - 2012-10-29 09:41 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-19 16:03 - 2013-08-19 16:03 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2017-07-24 19:00 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-06-03 19:48 - 2005-04-22 06:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-16 19:33 - 2017-07-16 19:33 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-16 17:15 - 2017-03-16 17:15 - 000037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
2017-06-03 19:48 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\exefile:  <==== ACHTUNG
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\.exe:  =>  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-06-19 14:02 - 000000901 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1 www.driver-soft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nicol\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6102910-red-wallpaper-windows-10.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

Nicky_86 · 01.08.2017, 21:09

addition 2/2

Code:

ATTFilter

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "MailStylerWarmup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9CC6E13F-7266-4C9E-A4C7-2DAED3E48A4D}] => (Allow) LPort=168

==================== Wiederherstellungspunkte =========================

11-07-2017 18:15:25 Installed Foxit PhantomPDF Business
01-08-2017 18:50:09 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/01/2017 09:53:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/08/01 21:53:30.167]: [00003288]: Failed to launch Main Process.

Error: (08/01/2017 09:53:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/01/2017 09:53:09 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (08/01/2017 06:30:02 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (08/01/2017 06:20:28 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/08/01 18:20:28.516]: [00004504]: Failed to launch Main Process.

Error: (08/01/2017 06:20:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/01/2017 06:20:08 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (07/26/2017 03:48:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/07/26 15:48:12.234]: [00011760]: Failed to launch Main Process.

Error: (07/26/2017 03:48:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/24/2017 07:41:05 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]


Systemfehler:
=============
Error: (08/01/2017 09:53:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/01/2017 09:53:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/01/2017 09:52:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/01/2017 09:52:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/01/2017 09:52:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/01/2017 09:52:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/01/2017 09:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GoPro Device Detection Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/01/2017 09:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/01/2017 09:51:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SynTPEnh Caller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.



CodeIntegrity:
===================================
  Date: 2017-08-01 21:56:43.102
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 21:56:43.083
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 21:53:07.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 21:53:07.451
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 20:46:28.740
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 20:46:28.737
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 19:27:11.890
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:27:11.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:59.011
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-08-01 19:24:58.764
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-4600M APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 7602.6 MB
Verfügbarer physikalischer RAM: 5545.41 MB
Summe virtueller Speicher: 8818.6 MB
Verfügbarer virtueller Speicher: 6752.12 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:488.1 GB) (Free:408.56 GB) NTFS
Drive d: (Ablage) (Fixed) (Total:931.51 GB) (Free:726.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 489 GB) (Disk ID: C4B6C905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=871 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7B7640AA)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

M-K-D-B · 02.08.2017, 09:54

Servus,

Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.

Klicke auf Wählen Sie eine
Kopiere nun folgendes in die Suchleiste
Code:
ATTFilter
```
C:\Users\nicol\czlfnyii.exe
         
```
und klicke auf Öffnen.
Klicke auf Scannen!.
Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen

Zitat:

Diese Datei wurde bereits von VirusTotal analysiert...

klicke auf Neu analysieren.
Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Wiederhole den Vorgang mit der folgenden Datei und poste mir auch davon das Ergebnis als Link:

Code:

ATTFilter

C:\Users\nicol\xuasqgut\czlfnyii.exe

Nicky_86 · 02.08.2017, 18:07

Das funktioniert leider so nicht.

Wie gesagt den an dieser Stelle liegt diese Datei leider nicht.

Eine Suche nach dieser Datei ergibt nichts.

hxxp://www.bilder-upload.eu/show.php?file=197b82-1501694126.jpg

Bekomme die XX leider nicht weg beim Bild Link

M-K-D-B · 02.08.2017, 21:53

Servus,

diese .exe gehört zu dieser Software:

Zitat:

MailStyler (HKLM-x32\...\{77C1C524-CCF5-49C8-8B30-516A46559092}) (Version: 1.3.3 - Delivery Tech Corp.)

Kennst du sie?

Sie wurde am 20. Juli installiert.

Nicky_86 · 03.08.2017, 04:38

Ja im
Prinzip schon. Aber die Software hat jemand anderes installiert. Und hatte die von irgendwem für irgendwas. Also diese Software brauch ich nicht und sie könnte definitiv weg.

M-K-D-B · 03.08.2017, 12:46

Servus,

Zitat:

Aber die Software hat jemand anderes installiert. Und hatte die von irgendwem für irgendwas. Also diese Software brauch ich nicht und sie könnte definitiv weg.

Ok, dann machen wir jetzt folgendes:

Schritt 1

Deinstalliere über die Systemsteuerung (Bebilderte Anleitung):
- MailStyler
Starte den Rechner im Anschluss neu auf.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Bekommst du immer noch Meldungen von der Benutzerkontensteuerung bezüglich der Datei czlfnyii.exe?

Bitte poste mit deiner nächsten Antwort

die Beantwortung der gestellten Fragen,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Nicky_86 · 03.08.2017, 17:25

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017
durchgeführt von Nicol (Administrator) auf DESKTOP-AESMRB4 (03-08-2017 18:16:59)
Gestartet von C:\Users\nicol\Desktop
Geladene Profile: Nicol (Verfügbare Profile: Nicol)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2017-06-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2017-06-03] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2017-06-03] (Synaptics Incorporated)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2017-06-03] (Vimicro)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332STI.EXE [548864 2012-03-20] (Vimicro)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1910424 2017-06-06] ()
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9773272 2017-05-19] (Piriform Ltd)
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe /warmup
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2017-06-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.30.1
Tcpip\..\Interfaces\{4485d479-dc85-417b-827a-48be184f3958}: [DhcpNameServer] 192.168.30.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-11-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: csmnkq8q.default
FF ProfilePath: C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default [2017-08-03]
FF Extension: (FEBE) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2017-06-03]
FF Extension: (Greasemonkey) - C:\Users\nicol\AppData\Roaming\Mozilla\Firefox\Profiles\csmnkq8q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-06-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-06-04] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-06-04] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-04-06] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-10-29] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2017-07-03] (Broadcom Corporation.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
S3 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)
S2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2017-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [82704 2017-06-03] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2017-06-03] (Advanced Micro Devices)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2017-07-03] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [7474864 2013-08-07] (Broadcom Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-08-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-08-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-08-03] (Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek                                            )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410848 2017-06-03] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2017-06-03] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-02 19:38 - 2017-08-02 19:39 - 000000000 ____D C:\Users\nicol\Downloads\mp_dust2_classic
2017-08-02 19:31 - 2017-08-02 19:31 - 034027011 _____ C:\Users\nicol\Downloads\mp_dust2_classic.rar
2017-08-01 21:59 - 2017-08-01 21:59 - 000001408 _____ C:\Users\nicol\Desktop\mbam.txt
2017-08-01 21:48 - 2017-08-01 21:48 - 008185288 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_7.0.1.0.exe
2017-08-01 20:49 - 2017-08-01 22:06 - 000033646 _____ C:\Users\nicol\Desktop\Addition.txt
2017-08-01 20:49 - 2017-08-01 20:54 - 000283112 _____ C:\Users\nicol\Desktop\TDSSKiller.3.1.0.15_01.08.2017_20.49.59_log.txt
2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Downloads\tdsskiller.exe
2017-08-01 20:49 - 2017-08-01 20:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\nicol\Desktop\tdsskiller.exe
2017-08-01 20:48 - 2017-08-03 18:17 - 000015688 _____ C:\Users\nicol\Desktop\FRST.txt
2017-08-01 20:48 - 2017-08-03 18:16 - 000000000 ____D C:\FRST
2017-08-01 20:48 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Desktop\FRST64.exe
2017-08-01 20:47 - 2017-08-01 20:47 - 002381312 _____ (Farbar) C:\Users\nicol\Downloads\FRST64.exe
2017-07-31 17:39 - 2017-07-31 17:39 - 000034623 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde1.pdf
2017-07-31 17:36 - 2017-07-31 17:36 - 000040583 _____ C:\Users\nicol\Desktop\Anmeldung Gemeinde.pdf
2017-07-28 19:34 - 2017-07-28 19:34 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2090734139-1850318513-3907554720-1001
2017-07-28 19:34 - 2017-07-28 19:34 - 000000000 ___HD C:\OneDriveTemp
2017-07-26 18:35 - 2017-07-26 18:36 - 242020184 _____ (Lenovo Group Limited ) C:\Users\nicol\Downloads\0nwl01wb(1).exe
2017-07-26 17:31 - 2017-07-26 17:18 - 170242954 ____N C:\Users\nicol\Desktop\IMG_4516.MOV
2017-07-24 22:40 - 2017-08-01 21:52 - 000000971 _____ C:\Users\nicol\Desktop\Neues Textdokument.txt
2017-07-24 19:01 - 2017-08-03 18:15 - 000101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 19:01 - 2017-08-03 18:15 - 000093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 19:01 - 2017-08-03 18:15 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 19:01 - 2017-07-24 19:08 - 000188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 19:00 - 2017-08-03 18:15 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 19:00 - 2017-07-24 19:00 - 065033984 _____ (Malwarebytes ) C:\Users\nicol\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 19:00 - 2017-07-24 19:00 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 19:00 - 2017-07-24 19:00 - 000000000 ____D C:\Program Files\Malwarebytes
2017-07-24 19:00 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 18:18 - 2017-08-01 21:52 - 000000000 ____D C:\AdwCleaner
2017-07-24 18:18 - 2017-07-24 18:18 - 008162248 _____ (Malwarebytes) C:\Users\nicol\Downloads\adwcleaner_7.0.0.0.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 002611632 _____ C:\Users\nicol\Downloads\Adaware_Installer121856.exe
2017-07-24 18:17 - 2017-07-24 18:17 - 000000000 ____D C:\ProgramData\adaware
2017-07-24 17:43 - 2017-07-24 17:44 - 000000444 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-07-23 20:22 - 2017-07-23 20:22 - 000218129 _____ C:\Users\nicol\Downloads\h2testw_1.4.zip
2017-07-23 20:22 - 2017-07-23 20:22 - 000000000 ____D C:\Users\nicol\Downloads\h2testw_1.4
2017-07-20 22:30 - 2017-07-20 22:30 - 000070930 _____ C:\Users\nicol\Downloads\Tahin-Plätzchen.pdf
2017-07-20 22:29 - 2017-07-20 22:29 - 000072610 _____ C:\Users\nicol\Downloads\Ahle-Worschd-Kräppel.pdf
2017-07-20 22:27 - 2017-07-20 22:27 - 001235263 _____ C:\Users\nicol\Downloads\Smoothie_Flyer_wiss_Untersuchung_final.pdf
2017-07-20 17:27 - 2017-07-20 17:57 - 000000000 ____D C:\Users\nicol\OneDrive\Dokumente\MailStyler
2017-07-20 17:26 - 2017-07-20 17:26 - 000003682 _____ C:\WINDOWS\System32\Tasks\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 __SHD C:\Users\nicol\xuasqgut
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Obsidium
2017-07-20 17:26 - 2017-07-20 17:26 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Delivery Tech Corp
2017-07-20 17:26 - 2017-03-18 23:00 - 000045216 ___SH (Microsoft Corporation) C:\Users\nicol\czlfnyii.exe
2017-07-20 17:25 - 2017-07-20 17:25 - 000000000 ____D C:\ProgramData\Delivery Tech Corp
2017-07-20 17:24 - 2017-08-03 18:13 - 000000000 ____D C:\Program Files (x86)\Delivery Tech Corp
2017-07-12 18:39 - 2017-07-12 18:39 - 002653569 _____ C:\Users\nicol\Desktop\Bilanz 5 Seiten.pdf
2017-07-12 18:39 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 18:39 - 2017-07-07 08:39 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 18:39 - 2017-07-07 08:37 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 18:39 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 18:39 - 2017-07-07 08:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 18:39 - 2017-07-07 08:27 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 18:39 - 2017-07-07 08:26 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 18:39 - 2017-07-07 08:23 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 18:39 - 2017-07-07 08:14 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 18:39 - 2017-07-07 08:14 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 18:39 - 2017-07-07 08:13 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 18:39 - 2017-07-07 08:12 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 18:39 - 2017-07-07 08:05 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 18:39 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 18:39 - 2017-07-07 08:02 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 18:39 - 2017-07-07 08:00 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 18:39 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 18:39 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 18:39 - 2017-06-20 07:03 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 18:39 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 18:39 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 18:39 - 2017-06-20 06:40 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 18:39 - 2017-06-20 06:39 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 18:39 - 2017-06-20 06:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 18:39 - 2017-06-20 06:36 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 18:39 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 18:39 - 2017-06-20 06:34 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 18:39 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 18:38 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 18:38 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 18:38 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 18:38 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 18:38 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 18:38 - 2017-07-07 09:23 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 18:38 - 2017-07-07 09:22 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 18:38 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 18:38 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 09:21 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 18:38 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 18:38 - 2017-07-07 09:20 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 18:38 - 2017-07-07 09:14 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 18:38 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 18:38 - 2017-07-07 09:13 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 18:38 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 18:38 - 2017-07-07 09:12 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 09:12 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 18:38 - 2017-07-07 09:11 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 18:38 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 18:38 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 18:38 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 18:38 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 18:38 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 18:38 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 18:38 - 2017-07-07 08:40 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:39 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 18:38 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 18:38 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 18:38 - 2017-07-07 08:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 18:38 - 2017-07-07 08:29 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 18:38 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 18:38 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 18:38 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 18:38 - 2017-07-07 08:26 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 18:38 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 18:38 - 2017-07-07 08:24 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 18:38 - 2017-07-07 08:23 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 18:38 - 2017-07-07 08:22 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 18:38 - 2017-07-07 08:20 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 18:38 - 2017-07-07 08:19 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 18:38 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 18:38 - 2017-07-07 08:15 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 18:38 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 18:38 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 18:38 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 18:38 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 18:38 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 18:38 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 18:38 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 18:38 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 18:38 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 18:38 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 18:38 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 18:38 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 18:38 - 2017-07-07 08:03 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 18:38 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 18:38 - 2017-07-07 08:01 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 18:38 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 18:38 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 18:38 - 2017-07-07 07:59 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 18:38 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 18:38 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 18:38 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 18:38 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 18:38 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 18:38 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 18:38 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 18:38 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 18:38 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 08:10 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 18:38 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 18:38 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 18:38 - 2017-06-20 08:06 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 18:38 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 18:38 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 18:38 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 18:38 - 2017-06-20 08:02 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 18:38 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 18:38 - 2017-06-20 07:59 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 18:38 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 18:38 - 2017-06-20 07:57 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 18:38 - 2017-06-20 07:57 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 18:38 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 18:38 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 18:38 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 18:38 - 2017-06-20 07:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 18:38 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 18:38 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 18:38 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 18:38 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 18:38 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 18:38 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 18:38 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 07:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 18:38 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 18:38 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 18:38 - 2017-06-20 07:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 18:38 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 18:38 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 18:38 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 07:03 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 18:38 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 18:38 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 18:38 - 2017-06-20 07:01 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 18:38 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 18:38 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 18:38 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 18:38 - 2017-06-20 06:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 18:38 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 18:38 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:38 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 18:38 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 18:38 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 18:38 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 18:38 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 18:38 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 18:38 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 18:38 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 18:38 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 18:38 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 18:38 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 18:38 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 18:38 - 2017-06-20 06:34 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 18:38 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 18:38 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 18:38 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 18:38 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 18:37 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 18:37 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 18:37 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 18:37 - 2017-07-07 09:22 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 18:37 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 18:37 - 2017-07-07 09:15 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 18:37 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 18:37 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 18:37 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 18:37 - 2017-07-07 09:10 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 18:37 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 001100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 18:37 - 2017-07-07 09:08 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 18:37 - 2017-07-07 09:08 - 000399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 18:37 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 18:37 - 2017-07-07 08:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 18:37 - 2017-07-07 08:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 18:37 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 18:37 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 18:37 - 2017-07-07 08:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 18:37 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 18:37 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 18:37 - 2017-07-07 08:17 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 18:37 - 2017-07-07 08:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 18:37 - 2017-07-07 08:16 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 18:37 - 2017-07-07 08:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 18:37 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 18:37 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 18:37 - 2017-07-07 08:12 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 18:37 - 2017-07-07 08:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 18:37 - 2017-07-07 08:10 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 18:37 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 18:37 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 18:37 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 18:37 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 18:37 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 18:37 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 18:37 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 18:37 - 2017-06-20 08:04 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 18:37 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 18:37 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 18:37 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 18:37 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 18:37 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 18:37 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 18:37 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 18:37 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 18:37 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 18:37 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 18:37 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 18:37 - 2017-06-20 07:10 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 18:37 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 18:37 - 2017-06-20 07:08 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 18:37 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 18:37 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 18:37 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 18:37 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 18:37 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 18:37 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 18:37 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 18:37 - 2017-06-20 07:03 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 18:37 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 18:37 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 18:37 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 18:37 - 2017-06-20 06:59 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 18:37 - 2017-06-20 06:58 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 18:37 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 18:37 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 18:37 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-12 18:09 - 2017-07-12 18:09 - 001077755 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.rar
2017-07-12 18:06 - 2017-07-12 18:06 - 001539146 _____ C:\Users\nicol\Downloads\scanner@fuhrmann-steuerberatung.de_20170712_07.tif
2017-07-11 18:25 - 2017-07-11 18:25 - 000000000 ____D C:\Users\nicol\AppData\Local\Foxit PhantomPDF
2017-07-11 18:16 - 2017-07-11 18:16 - 000001162 _____ C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2017-07-11 18:16 - 2017-07-11 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-07-11 17:44 - 2017-07-12 18:09 - 000748096 _____ C:\Users\nicol\Desktop\Bilanz_GuV.pptx
2017-07-11 17:38 - 2017-07-11 17:38 - 000045502 _____ C:\Users\nicol\Desktop\Bilanz lang.pdf
2017-07-11 17:26 - 2017-07-12 18:01 - 000360786 _____ C:\Users\nicol\Desktop\Präsentation Liquidität.pptx
2017-07-11 17:25 - 2017-07-11 17:25 - 000381033 _____ C:\Users\nicol\Downloads\Präsentation11.pptx
2017-07-04 14:59 - 2017-07-04 14:59 - 000000000 ____D C:\ProgramData\Microsoft OneDrive

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-03 18:15 - 2017-07-03 20:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-03 18:15 - 2017-06-03 18:19 - 000000000 ____D C:\Users\nicol\AppData\LocalLow\Mozilla
2017-08-03 18:14 - 2017-07-03 20:03 - 000000000 ____D C:\Users\nicol
2017-08-03 18:14 - 2017-06-03 20:32 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-08-03 18:14 - 2017-06-03 19:24 - 000000000 ____D C:\Users\nicol\AppData\Roaming\UseNeXT
2017-08-03 18:14 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-03 18:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-03 18:03 - 2017-07-03 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-02 19:00 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-01 21:58 - 2017-06-03 17:51 - 002313510 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-01 21:58 - 2017-03-20 06:41 - 001055522 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-01 21:58 - 2017-03-20 06:41 - 000232730 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-01 21:51 - 2017-06-04 15:49 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-07-31 19:19 - 2017-06-04 13:42 - 000002172 _____ C:\Users\nicol\Desktop\Call of Duty(R) 4 - Bots.lnk
2017-07-31 18:33 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-07-31 17:39 - 2017-06-03 18:34 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Foxit Software
2017-07-28 19:34 - 2017-06-03 17:54 - 000002387 _____ C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-28 19:34 - 2017-06-03 17:54 - 000000000 ___RD C:\Users\nicol\OneDrive
2017-07-27 20:38 - 2017-06-04 14:29 - 000000000 ____D C:\Program Files (x86)\Origin
2017-07-26 17:59 - 2017-06-04 14:28 - 000000000 ____D C:\Users\nicol\AppData\Local\ElevatedDiagnostics
2017-07-24 19:51 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-07-24 18:36 - 2017-07-03 19:58 - 000394400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-23 21:34 - 2017-06-03 18:36 - 000000000 ____D C:\ProgramData\Sonos,_Inc
2017-07-18 22:35 - 2017-06-03 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2017-07-18 19:20 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-07-15 11:35 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\WhatsApp
2017-07-14 16:47 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-07-12 19:17 - 2017-06-03 17:51 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 19:14 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 18:55 - 2017-06-03 19:36 - 000002242 _____ C:\Users\nicol\Desktop\WhatsApp.lnk
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:36 - 000000000 ____D C:\Users\nicol\AppData\Local\WhatsApp
2017-07-12 18:55 - 2017-06-03 19:35 - 000000000 ____D C:\Users\nicol\AppData\Local\SquirrelTemp
2017-07-12 18:50 - 2017-06-19 15:05 - 000000000 ____D C:\Program Files\ReviverSoft
2017-07-12 18:46 - 2017-07-03 21:55 - 000001347 _____ C:\Users\nicol\Desktop\GoPro - Verknüpfung.lnk
2017-07-12 18:46 - 2017-06-19 15:05 - 000001292 _____ C:\Users\nicol\Desktop\Windows 10 Manager.lnk
2017-07-12 18:46 - 2017-06-19 15:05 - 000001282 _____ C:\Users\nicol\Desktop\1-Click Cleaner.lnk
2017-07-12 18:46 - 2017-06-18 19:26 - 000001258 _____ C:\Users\nicol\Desktop\MP3 to iPod Audio Book Converter.lnk
2017-07-12 18:46 - 2017-06-18 19:14 - 000001190 _____ C:\Users\nicol\Desktop\Syncios.lnk
2017-07-12 18:46 - 2017-06-05 11:11 - 000001072 _____ C:\Users\nicol\Desktop\HeavyLoad.lnk
2017-07-12 18:46 - 2017-06-03 19:24 - 000001930 _____ C:\Users\nicol\Desktop\UseNeXT by Tangysoft.lnk
2017-07-12 18:46 - 2017-06-03 18:28 - 000001080 _____ C:\Users\nicol\Desktop\SpeedFan.lnk
2017-07-12 18:42 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 18:41 - 2017-06-03 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 18:39 - 2017-06-03 18:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-11 18:22 - 2017-06-04 16:01 - 000000000 ____D C:\Users\nicol\AppData\Local\Adobe
2017-07-11 18:16 - 2017-06-03 18:34 - 000000000 ____D C:\Users\Public\Foxit Software
2017-07-11 18:15 - 2017-06-04 14:29 - 000000000 ____D C:\ProgramData\Package Cache
2017-07-11 18:15 - 2017-06-03 18:34 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-07-11 17:26 - 2017-06-03 17:51 - 000000000 ____D C:\Users\nicol\AppData\Local\Packages
2017-07-05 09:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\appcompat
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-04 21:43 - 2017-06-03 18:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-04 14:59 - 2017-06-11 12:38 - 000000000 ____D C:\Users\Public\CineForm
2017-07-04 14:58 - 2017-06-03 18:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-04 14:35 - 2017-06-04 14:35 - 000079466 _____ () C:\ProgramData\cl.1496579652.bdinstall.bin
2017-07-03 19:59 - 2017-07-03 19:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\nicol\czlfnyii.exe


Einige Dateien in TEMP:
====================
2017-07-03 21:38 - 2017-07-03 21:57 - 000000000 ____D () C:\Users\nicol\AppData\Local\Temp\SynciosDeviceService.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-26 18:43

==================== Ende von FRST.txt ============================

Addition 1/2

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017
durchgeführt von Nicol (03-08-2017 18:18:12)
Gestartet von C:\Users\nicol\Desktop
Windows 10 Pro Version 1703 (X64) (2017-07-03 19:20:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2090734139-1850318513-3907554720-500 - Administrator - Enabled)
DefaultAccount (S-1-5-21-2090734139-1850318513-3907554720-503 - Limited - Disabled)
Gast (S-1-5-21-2090734139-1850318513-3907554720-501 - Limited - Disabled)
Nicol (S-1-5-21-2090734139-1850318513-3907554720-1001 - Administrator - Enabled) => C:\Users\nicol

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (HKLM-x32\...\{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (HKLM-x32\...\{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
AMD Catalyst Install Manager (HKLM\...\{9268D25B-C6DE-1579-01AB-E61CC0C6C8A8}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version: 1.1 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch (HKLM-x32\...\InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version: 1.2 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version: 1.3 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch (HKLM-x32\...\InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (HKLM-x32\...\InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (HKLM-x32\...\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}) (Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: 1.7 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.3 - Lenovo)
Foxit PhantomPDF Business (HKLM-x32\...\{05594894-9B62-4D66-BC12-4DA14CA22F28}) (Version: 7.3.6.321 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.0.14878 - Foxit Software Inc.)
GoPro Studio (HKLM-x32\...\{BE06FF1A-83A0-42F2-913E-6E405393145C}) (Version: 5.12.5383 - GoPro, Inc.) Hidden
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
HolmeZ (HKLM-x32\...\{886AF6B6-CEFA-4B18-946F-3389B3EAB53F}) (Version: 2.2.0 - HolmeZ SoftSolutions Pte. Ltd.)
ImpactWinter (HKLM-x32\...\ImpactWinter_is1) (Version:  - )
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7800 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.12.824.1 - Vimicro)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.143 - Lenovo)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Quik (HKLM\...\{DF7EE9CB-0369-44F3-9B91-BF05A2D4891D}) (Version: 0.1.5383 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Setup Launcher Unicode 2 (HKLM-x32\...\Setup Launcher Unicode 2) (Version: 2 - Delivery Tech Corp)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 35.3.39010 - Sonos, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StartIsBack++ (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartIsBack) (Version: 2.0.9 - startisback.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Syncios 6.1.4 (HKLM-x32\...\Syncios) (Version: 6.1.4 - Anvsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version:  - Microsoft)
UpdateAssistant (HKLM-x32\...\{B302EECB-0DA5-46E6-8A58-127440F22CF1}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VFW_Codec32 (HKLM-x32\...\{ECDB3455-70F4-4EE6-B89E-3B4C5E9FF592}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{AE4073DE-7596-4E3B-9DE3-18BE2C3EFAA6}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\WhatsApp) (Version: 0.2.5093 - WhatsApp)
Windows 10 Manager (HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\Windows 10 Manager 2.1.0) (Version: 2.1.0 - Yamicsoft)
Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22211 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{865e5e76-ad83-4dca-a109-50dc2113ce9b}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BA}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{99E2B362-3E4E-4255-9B29-41A7F40777BB}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{c71c41f1-ddad-42dc-a8fc-f5bfc61df958}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
CustomCLSID: HKU\S-1-5-21-2090734139-1850318513-3907554720-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\nicol\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-03-09] (Foxit Software Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-10-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-03-31] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0610F87F-A550-450A-A035-5C456A9E7B6C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {68FB7FD1-276B-4523-91AA-FD7DC3AD791D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {8C32E0CE-CA4D-49F5-8215-03E94C016E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {D60E0F0A-9505-4292-A327-665F31384C79} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {DB4D389B-3BFA-402E-91F2-8F6A535DAC32} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {E797B448-1CDD-4CB3-9646-D66654AF3A7E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [2017-06-26] (Microsoft Corporation)
Task: {EC2425F0-9A52-4D41-8BFE-26F13DFF8319} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {FB962ED9-828F-485B-8A20-E89CD3EB2EEA} - System32\Tasks\xuasqgut => C:\Users\nicol\xuasqgut\czlfnyii.exe [2016-10-09] (AutoIt Team)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-10-29 09:41 - 2012-10-29 09:41 - 000073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-19 16:03 - 2013-08-19 16:03 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-06-03 19:48 - 2005-04-22 06:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-07-24 19:00 - 2017-06-27 12:06 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-16 19:33 - 2017-07-16 19:33 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-16 19:33 - 2017-07-16 19:33 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-03 19:48 - 2009-02-27 16:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\exefile:  <==== ACHTUNG
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Software\Classes\.exe:  =>  <==== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-06-19 14:02 - 000000901 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1 www.driver-soft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nicol\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\6102910-red-wallpaper-windows-10.jpg
DNS Servers: 192.168.30.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.

Addition

Code:

ATTFilter

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "GoPro Tray App"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "332BigDog"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "AppEx Accelerator UI"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2090734139-1850318513-3907554720-1001\...\StartupApproved\Run: => "MailStylerWarmup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{9CC6E13F-7266-4C9E-A4C7-2DAED3E48A4D}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{ABB88168-B4E1-4F20-81AC-AB90FCB36A2D}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{F5B4A611-7760-47AD-AC15-6E742ADADF6B}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe

==================== Wiederherstellungspunkte =========================

11-07-2017 18:15:25 Installed Foxit PhantomPDF Business
01-08-2017 18:50:09 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/03/2017 06:15:30 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: CC4BT BrtCC4BT: [2017/08/03 18:15:30.419]: [00008752]: Failed to launch Main Process.

Error: (08/03/2017 06:15:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe".
Die abhängige Assemblierung "Microsoft.VC80.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/03/2017 06:15:11 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]

Error: (08/02/2017 09:23:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1406

Error: (08/02/2017 09:23:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1406

Error: (08/02/2017 09:23:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2017 10:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1360

Error: (08/01/2017 10:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1360

Error: (08/01/2017 10:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/01/2017 10:03:05 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004E016
Teil-Pkey=R6V36
ACID=?
Genauer Fehler[?]


Systemfehler:
=============
Error: (08/03/2017 06:15:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/03/2017 06:15:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/03/2017 06:15:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/03/2017 06:03:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/02/2017 06:57:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (08/01/2017 09:53:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (08/01/2017 09:53:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (08/01/2017 09:52:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/01/2017 09:52:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/01/2017 09:52:13 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll


CodeIntegrity:
===================================
  Date: 2017-08-03 18:15:10.262
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-03 18:15:10.259
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-03 18:13:46.598
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-03 18:13:46.595
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-02 19:32:36.567
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-02 19:32:36.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-02 19:00:21.670
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-02 19:00:21.666
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 22:20:46.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-08-01 21:56:43.102
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-4600M APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 7602.6 MB
Verfügbarer physikalischer RAM: 5467.3 MB
Summe virtueller Speicher: 8818.6 MB
Verfügbarer virtueller Speicher: 6751.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:488.1 GB) (Free:408.39 GB) NTFS
Drive d: (Ablage) (Fixed) (Total:931.51 GB) (Free:701.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 489 GB) (Disk ID: C4B6C905)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=871 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7B7640AA)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Fehler besteht leider weiterhin.
Im ca 10 min takt spribgt die Benutzerkontensteuerung an und verlangt ein ja oder nein.

czlfnyii.exe entfernen

Plagegeister aller Art und deren Bekämpfung: czlfnyii.exe entfernen